last executing test programs: 4m52.244446958s ago: executing program 3 (id=2516): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x594, @dev={0xfe, 0x80, '\x00', 0x39}, 0x3e}, 0x1c) getsockopt$inet6_tcp_int(r0, 0x6, 0x22, 0x0, &(0x7f0000000900)) 4m52.242831126s ago: executing program 3 (id=2518): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) writev(r0, &(0x7f0000000240)=[{&(0x7f0000000380)="a91c47", 0x3}], 0x1) 4m52.166770461s ago: executing program 3 (id=2519): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x3, 0xd, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000850000004f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000009800000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000240)="d2ff03066003008cb89e08d988a8", 0x0, 0xd5b4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 4m52.125622537s ago: executing program 3 (id=2522): r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002) readv(r0, &(0x7f0000000140)=[{0x0, 0x2f}, {&(0x7f0000000940)=""/101, 0x65}], 0x2) write$evdev(r0, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37) 4m51.986189694s ago: executing program 3 (id=2527): mkdir(&(0x7f0000005800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 4m51.911743077s ago: executing program 3 (id=2536): openat$ptp0(0xffffff9c, &(0x7f0000000000), 0x500, 0x0) socket$inet_udp(0x2, 0x2, 0x0) pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 4m36.777149047s ago: executing program 32 (id=2536): openat$ptp0(0xffffff9c, &(0x7f0000000000), 0x500, 0x0) socket$inet_udp(0x2, 0x2, 0x0) pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 4m5.244808334s ago: executing program 4 (id=3858): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000001340)=0x33, 0x2) connect$bt_sco(r0, &(0x7f00000016c0)={0x1f, @none}, 0x8) 4m5.166136572s ago: executing program 4 (id=3861): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff) 4m5.130172493s ago: executing program 4 (id=3862): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000) write$vhost_msg_v2(r0, &(0x7f0000000340)={0x2, 0x0, {&(0x7f0000000280)=""/89, 0xfffffffffffffc73, 0x0, 0x0, 0x2}}, 0x48) 4m4.691087103s ago: executing program 4 (id=3872): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000005c0)=@newtaction={0x94, 0x30, 0xffffffffffffffff, 0x0, 0x40002, {}, [{0x80, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x64, 0x7, 0x8, 0x1}}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x4, 0x21}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 4m4.635545799s ago: executing program 4 (id=3873): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x100) fcntl$notify(r0, 0x402, 0x8000000b) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20) 4m4.566211719s ago: executing program 4 (id=3875): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0b00000005000000010001000a00000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x14, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000003000000000000000040000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000000600000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r1}, 0xc) 3m49.51268613s ago: executing program 33 (id=3875): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0b00000005000000010001000a00000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x14, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000003000000000000000040000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000000600000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r1}, 0xc) 3m45.451396966s ago: executing program 0 (id=4249): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newtaction={0x64, 0x30, 0x1, 0x0, 0x3, {}, [{0x50, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x6, 0x0, 0x200000}, 0x2}}]}, {0x4, 0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x64}}, 0x0) r0 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000040), 0x2103, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000140)) 3m45.145558547s ago: executing program 0 (id=4256): r0 = io_uring_setup(0x167c, &(0x7f00000003c0)={0x0, 0x800000, 0x400, 0x2, 0x201}) io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000740)={&(0x7f0000002000)={[{0x0, 0x0, 0x3}, {0x0}, {0x0, 0x0, 0xfffe}, {0x0}]}, 0x4}, 0x1) io_uring_register$IORING_REGISTER_PBUF_STATUS(r0, 0x1a, &(0x7f0000000000), 0x1) 3m45.145039071s ago: executing program 0 (id=4258): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x11, &(0x7f0000000f40)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7}, @snprintf={{}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x5, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1002}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x6a}}]}, &(0x7f0000000600)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x1e, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc) 3m45.055655844s ago: executing program 0 (id=4260): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x8) 3m45.055383085s ago: executing program 0 (id=4262): r0 = socket$kcm(0x2, 0x922000000001, 0x106) sendmsg$inet(r0, &(0x7f0000003080)={0x0, 0x0, 0x0}, 0x24048045) setsockopt$sock_attach_bpf(r0, 0x1, 0x31, &(0x7f0000000000), 0x4) 3m43.546566032s ago: executing program 0 (id=4273): fanotify_init(0x200, 0x101000) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x229) 3m43.516456282s ago: executing program 34 (id=4273): fanotify_init(0x200, 0x101000) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x229) 58.450004265s ago: executing program 2 (id=7509): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x1c, r1, 0x1, 0x0, 0x25dfdbfe, {{0x53}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 58.058794105s ago: executing program 2 (id=7518): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'wp384-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000047c0)=[{{0x0, 0x0, &(0x7f0000002ac0)=[{&(0x7f0000000340)=""/1, 0x30}], 0x1}, 0xe75}], 0x3aa0, 0x60002000, 0x0) 57.695477555s ago: executing program 2 (id=7524): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x0, 0x33822}, [@IFLA_MASTER={0x8, 0xa, r1}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_FAIL_OVER_MAC={0x5, 0xd, 0x2}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x20040040) 57.664474933s ago: executing program 2 (id=7525): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 57.614113014s ago: executing program 2 (id=7526): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000200), 0x4) listen(r0, 0x0) 57.095716701s ago: executing program 2 (id=7530): r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000100)={0x277fffffffd, 0xf001, 0x1, r0}) 57.001954081s ago: executing program 35 (id=7530): r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000100)={0x277fffffffd, 0xf001, 0x1, r0}) 10.999894058s ago: executing program 7 (id=8468): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000240)={@hyper}) ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r0, 0x7a9, &(0x7f00000003c0)={{@host}, 0xfff, 0x9, 0xff, 0xfffffffffffffffd, 0x7, 0x2, 0x1000000000ff6, 0x4cf050d6}) 10.905777831s ago: executing program 5 (id=8470): madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) madvise(&(0x7f0000cf6000/0x4000)=nil, 0x4000, 0x16) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') lseek(r0, 0x1000000, 0x0) 10.905463621s ago: executing program 6 (id=8471): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r2, 0x4018aee2, &(0x7f0000000140)=@attr_pmu_irq={0x0, 0x1, 0x1, 0x0}) 10.90382188s ago: executing program 7 (id=8473): io_setup(0x3, &(0x7f0000000180)=0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x20a02, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) io_submit(r0, 0x1, &(0x7f0000001700)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x2}]) 10.900018342s ago: executing program 5 (id=8474): r0 = syz_open_dev$sg(&(0x7f00000002c0), 0xe6, 0x2602) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x380000f, 0x11, r0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mbind(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x800004000000056, 0x3) 177.935398ms ago: executing program 1 (id=8475): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x3, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x26}}, 0x4}, 0x1c) ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7}) ioctl$sock_netdev_private(r0, 0x8949, &(0x7f0000000000)) 176.484467ms ago: executing program 5 (id=8476): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r0, 0xfffffffb) syz_emit_ethernet(0x5e, &(0x7f0000000040)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x28, 0x6, 0xff, @local, @local, {[], {{0x4e24, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0xa, 0xc2, 0xffff, 0x0, 0x0, {[@mptcp=@add_addr={0x1e, 0x11, 0x0, 0x11, 0x1, @loopback, 0xd9, "d0fb538e606fca"}]}}}}}}}}, 0x0) 171.759048ms ago: executing program 5 (id=8477): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d05, 0x0, 0x3}]}) 164.0101ms ago: executing program 6 (id=8478): sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000008c0)=ANY=[@ANYBLOB="e0000000120009050000000000000000", @ANYRES32=0x0, @ANYBLOB="110000003a5d5db2542b5b5e265c5c4000000000d52791db233d0896402d1267b86ac517a485a23d0c3da32ce8f9b19fe043d3a6"], 0xe0}], 0x1}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_ADD(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB="0815000000051104000000000000000001000005540201"], 0x1508}}, 0x0) writev(r0, &(0x7f0000000040), 0x2) 162.756091ms ago: executing program 7 (id=8479): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0xf) r1 = fcntl$dupfd(r0, 0x0, r0) read$FUSE(r1, 0x0, 0x0) 162.264996ms ago: executing program 1 (id=8480): setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@dev={0xfe, 0x80, '\x00', 0x2d}, 0x6, 0x0, 0x3, 0x6, 0x0, 0x1}, 0x20) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl(r0, 0x8b32, &(0x7f0000000040)) 162.136102ms ago: executing program 7 (id=8481): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000ec0)={'batadv0\x00', 0x0}) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), r0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x1c, r2, 0x303, 0x0, 0xfffffffc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0) 162.008734ms ago: executing program 6 (id=8482): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x14, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000030000008500000086000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r2, 0x1}, 0xc) 143.723514ms ago: executing program 6 (id=8483): openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x11, r0, 0x0) 143.642545ms ago: executing program 1 (id=8484): r0 = socket$pppoe(0x18, 0x1, 0x0) syz_io_uring_setup(0x487, &(0x7f0000000240)={0x0, 0x59c0, 0x800, 0x1020, 0x5cc}, &(0x7f0000000300), &(0x7f0000000080), &(0x7f0000000000)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0xffff, @broadcast, 'geneve0\x00'}}, 0x1e) 139.04314ms ago: executing program 7 (id=8485): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000003c0)={0x1, 0x0, [{0x40000107, 0x0, 0x6}]}) 133.35876ms ago: executing program 6 (id=8486): r0 = socket(0xa, 0x1, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000017c0)={0x3c, r2, 0x1, 0x70bd2c, 0x0, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2}, @NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r0}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r0}}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x55ebfcb85e78e904}, 0x4) 133.244465ms ago: executing program 1 (id=8487): sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x38}}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=@newtaction={0x5c, 0x30, 0x301, 0x0, 0xfffffffc, {}, [{0x48, 0x1, [@m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff, 0x0, 0x8}}]}, {0xfddb, 0x6, "e80d5303b42e583a5c0b57701dac2778fd37b2c7e3184f6adb20ee6eb6dc12b7fa207305bc6a7bcd25070e76c732b45305769262161aca87f9b8f790d4cb8ae52d70c35a735f818685f659ca022308e54f55602486baabee52669de00f36ceafc1d7d0d908d6af82a00909d3dffc1324e1d41f9cd41886404c9c3a1cf673e65ce885e7c86270b3add7cf3c45d84b349265d9e0e5a7577c744d61be9bcd62c6d2d94412dc526fd4dbd44a44085430182f0000000000000000207b6f317ae90c67400dcd018e2dc2951eede12567163a10d3a8e9f40adc1606980eb04a647d60d3185ee509bdade806185edcacfa3874fafd3ac1e8b4c7118df22647f5110f618039ab5577e137cb90ad362000ae4a1d8e402983fd6414bc33bf395c3651c8e13a85b942f5baea438aebf491230b9c045bf77bfe197e423024c27c9c5cf2390741e9746663f407d37bcd8ac942a74e4c3ff290733dc1df8ea27ad1e0430178b549a3e96f29ec3de770abf74f2f47e4de9d266c934b1c6830b82c611f3ea8ee3604dab910aaf210cc68f19287167cccc6240e701382c1924230a5b98b61bb3511bf"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x80d0}, 0x1800) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 133.18484ms ago: executing program 5 (id=8488): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00'}, 0x80) r1 = epoll_create1(0x0) r2 = fcntl$dupfd(r1, 0x2, 0xffffffffffffffff) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000180)={@ifindex, r0, 0x11, 0x4, r2, @void, @value=r2}, 0x20) 64.74884ms ago: executing program 5 (id=8489): socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x123e00, 0x0) ioctl$TCSBRKP(r1, 0x5425, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x200000, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r1, @ANYBLOB=',wfdno=', @ANYRESDEC=r0]) 64.320074ms ago: executing program 1 (id=8490): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r0, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0xfc, 0x9, 0x40, 0x7fff, 0x2, 0x3e, 0xfffbffed, 0x294, 0x40, 0x1dd, 0xf, 0x0, 0x38, 0x1, 0x0, 0x2}, [{0x3, 0x3, 0x4, 0xd, 0x1c8, 0xe6, 0x1004, 0x3}]}, 0x78) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000) 42.94676ms ago: executing program 1 (id=8491): r0 = fsopen(&(0x7f0000000340)='devpts\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) symlinkat(&(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00') 13.770585ms ago: executing program 7 (id=8492): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r1, 0x80de02bd3ca0bfdb}, 0x14}}, 0x0) recvmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 0s ago: executing program 6 (id=8493): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') fchdir(r0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0) write$cgroup_int(r1, &(0x7f0000000040)=0x900, 0x12) kernel console output (not intermixed with test programs): 24836] Buffer I/O error on dev loop6, logical block 0, async page read [ 259.268821][T24836] ldm_validate_partition_table(): Disk read failed. [ 259.271823][T24836] Buffer I/O error on dev loop6, logical block 0, async page read [ 259.275853][T24836] Buffer I/O error on dev loop6, logical block 0, async page read [ 259.279637][T24836] Dev loop6: unable to read RDB block 0 [ 259.282484][T24836] loop6: unable to read partition table [ 259.286228][T24836] loop_reread_partitions: partition scan of loop6 (irc VUXGZtM<I i8NL W@Q6%) failed (rc=-5) [ 259.355965][T24850] loop4: detected capacity change from 0 to 524287936 [ 259.863301][T24886] loop4: detected capacity change from 0 to 524287936 [ 260.070097][T24905] netlink: 'syz.5.5957': attribute type 1 has an invalid length. [ 260.498879][T24954] loop4: detected capacity change from 0 to 524287936 [ 260.929397][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.794512][ T34] usb 11-1: new high-speed USB device number 8 using dummy_hcd [ 261.954653][ T34] usb 11-1: Using ep0 maxpacket: 16 [ 261.960043][ T34] usb 11-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22 [ 261.963762][ T34] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.967333][ T34] usb 11-1: Product: syz [ 261.969224][ T34] usb 11-1: Manufacturer: syz [ 261.971443][ T34] usb 11-1: SerialNumber: syz [ 262.114636][ T10] usb 10-1: new high-speed USB device number 10 using dummy_hcd [ 262.187738][ T34] usb 11-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state [ 262.192166][ T34] usb 11-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 262.196206][ T34] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0) [ 262.198962][ T34] usb 11-1: media controller created [ 262.205895][ T34] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 262.275426][ T10] usb 10-1: Using ep0 maxpacket: 16 [ 262.279610][ T10] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 262.284178][ T10] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 262.288195][ T10] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 262.293357][ T10] usb 10-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 262.297223][ T10] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.302665][ T10] usb 10-1: config 0 descriptor?? [ 262.392223][ T34] zl10353_read_register: readreg error (reg=127, ret==-71) [ 262.408787][ T34] dvb_usb_gl861 11-1:157.0: probe with driver dvb_usb_gl861 failed with error -5 [ 262.412983][ T34] usb 11-1: USB disconnect, device number 8 [ 262.737045][ T10] input: HID 05ac:8241 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:05AC:8241.0009/input/input22 [ 262.821582][ T10] appleir 0003:05AC:8241.0009: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.5-1/input0 qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0xa8000) [ 262.932271][ T1337] usb 10-1: USB disconnect, device number 10 [ 262.975640][ T1125] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1 [ 262.978198][ T1125] ata1: failed to read log page 10h (errno=-5) [ 262.981084][ T1125] ata1.00: NCQ disabled due to excessive errors [ 262.983173][ T1125] ata1.00: exception Emask 0x1 SAct 0x40000000 SErr 0x0 action 0x0 [ 262.986071][ T1125] ata1.00: irq_stat 0x41000000 [ 262.987655][ T1125] ata1.00: failed command: READ FPDMA QUEUED [ 262.989731][ T1125] ata1.00: cmd 60/40:f0:3e:7b:03/05:00:00:00:00/40 tag 30 ncq dma 688128 in [ 262.989731][ T1125] res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 262.997617][ T1125] ata1.00: status: { DRDY } [ 262.999153][ T1125] ata1.00: error: { ABRT } [ 263.002677][ T1125] ata1.00: configured for UDMA/100 [ 263.005072][ T1125] sd 0:0:0:0: [sda] tag#30 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 263.009196][ T1125] sd 0:0:0:0: [sda] tag#30 Sense Key : Aborted Command [current] [ 263.012235][ T1125] sd 0:0:0:0: [sda] tag#30 Add. Sense: No additional sense information [ 263.015781][ T1125] sd 0:0:0:0: [sda] tag#30 CDB: Read(10) 28 00 00 03 7b 3e 00 05 40 00 [ 263.019758][ T1125] blk_print_req_error: 25 callbacks suppressed [ 263.019772][ T1125] I/O error, dev sda, sector 228158 op 0x0:(READ) flags 0x84700 phys_seg 168 prio class 2 [ 263.027718][ T1125] ata1: EH complete [ 263.041454][T25074] loop5: detected capacity change from 0 to 7 [ 263.051199][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 263.056790][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 263.060742][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 263.066312][ C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 263.069371][ C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 263.072460][ C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 263.075618][ C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 263.078805][T25074] ldm_validate_partition_table(): Disk read failed. [ 263.081074][ C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 263.085874][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 263.091528][T25074] Dev loop5: unable to read RDB block 0 [ 263.149663][T25074] loop5: unable to read partition table [ 263.151605][T25074] loop5: partition table beyond EOD, truncated [ 263.153717][T25074] loop_reread_partitions: partition scan of loop5 () failed (rc=-5) [ 263.172794][T25051] fido_id[25051]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb10/report_descriptor': No such file or directory [ 263.294495][ T6040] usb 11-1: new high-speed USB device number 9 using dummy_hcd [ 263.467244][ T6040] usb 11-1: config index 0 descriptor too short (expected 39, got 27) [ 263.474058][ T6040] usb 11-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 263.484954][ T6040] usb 11-1: config 0 interface 0 has no altsetting 0 [ 263.490311][ T6040] usb 11-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 263.494646][ T6040] usb 11-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 263.498498][ T6040] usb 11-1: Product: syz [ 263.500395][ T6040] usb 11-1: Manufacturer: syz [ 263.502462][ T6040] usb 11-1: SerialNumber: syz [ 263.506972][ T6040] usb 11-1: config 0 descriptor?? [ 263.519370][ T6040] hub 11-1:0.0: bad descriptor, ignoring hub [ 263.524536][ T6040] hub 11-1:0.0: probe with driver hub failed with error -5 [ 263.534995][ T6040] usb 11-1: selecting invalid altsetting 0 [ 263.908756][T25134] nbd1: detected capacity change from 0 to 64 [ 263.926798][ T5962] block nbd1: Receive control failed (result -104) [ 264.124706][T25078] usb 11-1: reset high-speed USB device number 9 using dummy_hcd [ 264.286545][T25078] usb 11-1: device firmware changed [ 264.295990][ T6041] usb 11-1: USB disconnect, device number 9 [ 264.445046][ T6041] usb 11-1: new high-speed USB device number 10 using dummy_hcd [ 264.600154][ T6041] usb 11-1: config index 0 descriptor too short (expected 39, got 27) [ 264.603642][ T6041] usb 11-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 264.611298][ T6041] usb 11-1: config 0 interface 0 has no altsetting 0 [ 264.620988][ T6041] usb 11-1: string descriptor 0 read error: -22 [ 264.623710][ T6041] usb 11-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 264.629061][ T6041] usb 11-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 264.636880][ T6041] usb 11-1: config 0 descriptor?? [ 264.642673][ T6041] hub 11-1:0.0: bad descriptor, ignoring hub [ 264.645890][ T6041] hub 11-1:0.0: probe with driver hub failed with error -5 [ 264.650834][ T6041] usb 11-1: selecting invalid altsetting 0 [ 264.955905][ T6041] usb 11-1: USB disconnect, device number 10 [ 265.393657][T25244] loop4: detected capacity change from 0 to 524287936 [ 265.488404][T25259] input: syz1 as /devices/virtual/input/input23 [ 265.636363][T25285] syz_tun: entered allmulticast mode [ 265.643402][T25284] syz_tun: left allmulticast mode [ 265.762658][T25293] mkiss: ax0: crc mode is auto. [ 266.435025][ T6041] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 266.557792][T25351] kvm_intel: kvm [25350]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x3 [ 266.584940][ T6041] usb 6-1: Using ep0 maxpacket: 8 [ 266.587870][ T6041] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 266.590594][ T6041] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 266.593729][ T6041] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 266.597322][ T6041] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 266.600418][ T6041] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 266.605125][ T6041] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 266.609243][ T6041] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.819344][ T6041] usb 6-1: GET_CAPABILITIES returned 0 [ 266.821167][ T6041] usbtmc 6-1:16.0: can't read capabilities [ 267.030464][ T6041] usb 6-1: USB disconnect, device number 17 [ 267.307303][ T6021] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 267.528881][T25423] loop4: detected capacity change from 0 to 7 [ 267.534866][ C0] buffer_io_error: 28 callbacks suppressed [ 267.534879][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 267.542665][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 267.546323][ C3] Buffer I/O error on dev loop4, logical block 0, async page read [ 267.548996][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 267.552379][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 267.555722][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 267.559124][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 267.562445][T25423] ldm_validate_partition_table(): Disk read failed. [ 267.566301][ C2] Buffer I/O error on dev loop4, logical block 0, async page read [ 267.568985][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 267.575099][ C2] Buffer I/O error on dev loop4, logical block 0, async page read [ 267.575503][ T40] audit: type=1326 audit(2000000372.759:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25424 comm="syz.2.6077" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6feefcc code=0x0 [ 267.579037][T25423] Dev loop4: unable to read RDB block 0 [ 267.586662][T25423] loop4: unable to read partition table [ 267.588623][T25423] loop4: partition table beyond EOD, truncated [ 267.593883][T25423] loop_reread_partitions: partition scan of loop4 (Cj̖P=ý?}X %֐ȵ4FLQk݊5) failed (rc=-5) [ 268.416287][ T5965] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 268.427893][ T5965] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 268.432258][ T5965] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 268.438067][ T5965] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 268.446318][ T5965] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 268.609008][T25462] chnl_net:caif_netlink_parms(): no params data found [ 268.692043][T25462] bridge0: port 1(bridge_slave_0) entered blocking state [ 268.695423][T25462] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.698572][T25462] bridge_slave_0: entered allmulticast mode [ 268.702548][T25462] bridge_slave_0: entered promiscuous mode [ 268.707806][T25462] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.710959][T25462] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.714188][T25462] bridge_slave_1: entered allmulticast mode [ 268.718611][T25462] bridge_slave_1: entered promiscuous mode [ 268.749095][T25462] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 268.753903][T25462] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 268.781540][T25462] team0: Port device team_slave_0 added [ 268.785026][T25462] team0: Port device team_slave_1 added [ 268.815910][T25462] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 268.818625][T25462] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 268.830220][T25462] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 268.838513][T25462] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 268.841292][T25462] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 268.844936][ T3264] usb 11-1: new high-speed USB device number 11 using dummy_hcd [ 268.854439][T25462] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 268.902890][T25462] hsr_slave_0: entered promiscuous mode [ 268.907332][T25462] hsr_slave_1: entered promiscuous mode [ 268.910470][T25462] debugfs: 'hsr0' already exists in 'hsr' [ 268.913108][T25462] Cannot create hsr debugfs directory [ 269.036411][ T3264] usb 11-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 269.045191][ T3264] usb 11-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00 [ 269.052036][ T3264] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 269.055944][ T3264] usb 11-1: Product: syz [ 269.057707][ T3264] usb 11-1: Manufacturer: syz [ 269.059645][ T3264] usb 11-1: SerialNumber: syz [ 269.062980][T25457] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 269.067820][T25457] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 269.172872][T25462] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 269.181577][T25462] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.282498][ T6041] usb 11-1: USB disconnect, device number 11 [ 269.530630][ T40] audit: type=1326 audit(2000000374.709:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25757 comm="syz.1.6092" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f83fcc code=0x0 [ 269.545990][T25462] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 269.550377][T25462] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.896136][T25765] tipc: New replicast peer: 255.255.255.255 [ 269.899484][T25765] tipc: Enabled bearer , priority 5 [ 270.078649][T25462] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 270.082202][T25462] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 270.294199][T25789] __nla_validate_parse: 3 callbacks suppressed [ 270.294214][T25789] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6102'. [ 270.302118][T25789] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6102'. [ 270.356406][T25462] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 270.361095][T25462] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 270.422971][T25790] sp0: Synchronizing with TNC [ 270.514587][ T5962] Bluetooth: hci2: command tx timeout [ 270.556335][ T2200] block nbd1: Connection timed out, retrying (0/1 alive) [ 270.566823][ T2200] block nbd1: Dead connection, failed to find a fallback [ 270.570597][ T2200] block nbd1: shutting down sockets [ 270.573207][ T2200] blk_print_req_error: 31 callbacks suppressed [ 270.573224][ T2200] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 270.586762][T13362] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 270.591487][T13362] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 270.596352][T13362] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 270.600389][T13362] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 270.603757][T13362] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 270.611143][T13362] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 270.614759][T13362] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 270.617657][T13362] ldm_validate_partition_table(): Disk read failed. [ 270.619795][T13362] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 270.622866][T13362] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 270.626549][T13362] Dev nbd1: unable to read RDB block 0 [ 270.631181][T13362] nbd1: unable to read partition table [ 270.640770][T13362] ldm_validate_partition_table(): Disk read failed. [ 270.645078][T13362] Dev nbd1: unable to read RDB block 0 [ 270.647167][T13362] nbd1: unable to read partition table [ 271.215269][ T46] bridge_slave_1: left promiscuous mode [ 271.217376][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 271.285552][ T46] bridge_slave_0: left allmulticast mode [ 271.287589][ T46] bridge_slave_0: left promiscuous mode [ 271.289512][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.315945][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 272.405714][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 272.417138][ T46] bond0 (unregistering): Released all slaves [ 272.515825][T25462] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 272.563330][T25462] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 272.604583][ T5962] Bluetooth: hci2: command tx timeout [ 272.660526][T25462] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 272.714238][T25462] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 272.718212][T25462] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 272.758286][T25462] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 272.762257][T25462] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 272.827628][T25462] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 272.879683][T25910] binder: BINDER_SET_CONTEXT_MGR already set [ 272.886140][T25910] binder: 25907:25910 ioctl 4018620d 80004a80 returned -16 [ 273.239816][T25462] 8021q: adding VLAN 0 to HW filter on device bond0 [ 273.281244][T25462] 8021q: adding VLAN 0 to HW filter on device team0 [ 273.289599][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 273.292222][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 273.298602][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 273.301550][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 273.895061][ T46] hsr_slave_0: left promiscuous mode [ 273.944997][ T46] hsr_slave_1: left promiscuous mode [ 273.947073][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 273.949508][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 274.005827][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 274.008400][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 274.095554][ T46] batadv_slave_1: left promiscuous mode [ 274.098074][ T46] veth1_macvtap: left promiscuous mode [ 274.100433][ T46] veth1_vlan: left promiscuous mode [ 274.102490][ T46] veth0_vlan: left promiscuous mode [ 274.676147][ T46] team0 (unregistering): Port device team_slave_1 removed [ 274.684846][ T5962] Bluetooth: hci2: command tx timeout [ 274.715503][ T46] team0 (unregistering): Port device team_slave_0 removed [ 274.969603][T25462] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 275.128332][T25462] veth0_vlan: entered promiscuous mode [ 275.133826][T25462] veth1_vlan: entered promiscuous mode [ 275.160407][T25462] veth0_macvtap: entered promiscuous mode [ 275.168426][T25462] veth1_macvtap: entered promiscuous mode [ 275.178286][T25462] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 275.184252][T25462] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 275.190745][ T519] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.194335][ T519] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.204300][ T519] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.209312][ T519] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.400077][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.403845][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 275.423123][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.428345][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 275.591127][T26033] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6151'. [ 276.754522][ T5962] Bluetooth: hci2: command tx timeout [ 276.895212][ T3264] usb 10-1: new high-speed USB device number 11 using dummy_hcd [ 277.054665][ T3264] usb 10-1: Using ep0 maxpacket: 8 [ 277.060706][ T3264] usb 10-1: config index 0 descriptor too short (expected 301, got 45) [ 277.063496][ T3264] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 277.066933][ T3264] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 277.069994][ T3264] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 277.073324][ T3264] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 277.077935][ T3264] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 277.080830][ T3264] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 277.301441][ T3264] usb 10-1: GET_CAPABILITIES returned 0 [ 277.303236][ T3264] usbtmc 10-1:16.0: can't read capabilities [ 277.503452][T18704] usb 10-1: USB disconnect, device number 11 [ 277.584674][ T39] usb 11-1: new high-speed USB device number 12 using dummy_hcd [ 277.744666][ T39] usb 11-1: Using ep0 maxpacket: 8 [ 277.747487][ T39] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 277.750924][ T39] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 277.753997][ T39] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 277.757254][ T39] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 277.761207][ T39] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 277.764091][ T39] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 277.977598][ T39] usb 11-1: GET_CAPABILITIES returned 0 [ 277.979355][ T39] usbtmc 11-1:16.0: can't read capabilities [ 278.183415][T18704] usb 11-1: USB disconnect, device number 12 [ 278.237798][T26234] netlink: 'syz.5.6198': attribute type 4 has an invalid length. [ 278.240363][T26234] netlink: 'syz.5.6198': attribute type 1 has an invalid length. [ 278.242851][T26234] netlink: 'syz.5.6198': attribute type 3 has an invalid length. [ 278.245414][T26234] netlink: 184 bytes leftover after parsing attributes in process `syz.5.6198'. [ 278.248200][T26234] NCSI netlink: No device for ifindex 830110067 [ 278.292015][T26237] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6199'. [ 278.295148][T26237] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6199'. [ 278.298163][T26237] netlink: 'syz.5.6199': attribute type 13 has an invalid length. [ 278.300819][T26237] netlink: 'syz.5.6199': attribute type 14 has an invalid length. [ 279.814547][T19086] usb 11-1: new high-speed USB device number 13 using dummy_hcd [ 279.985835][T19086] usb 11-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 279.990282][T19086] usb 11-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 279.995878][T19086] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 280.000943][T19086] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 280.007782][T19086] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 280.014814][T19086] usb 11-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 280.019390][T19086] usb 11-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 280.021957][T19086] usb 11-1: Product: syz [ 280.023279][T19086] usb 11-1: Manufacturer: syz [ 280.034332][T19086] cdc_wdm 11-1:1.0: skipping garbage [ 280.037545][T19086] cdc_wdm 11-1:1.0: skipping garbage [ 280.048043][T19086] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device [ 280.050276][T19086] cdc_wdm 11-1:1.0: Unknown control protocol [ 280.267556][T18706] usb 11-1: USB disconnect, device number 13 [ 281.681656][T26410] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6248'. [ 281.832110][T26429] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6255'. [ 281.837676][T26429] netem: unknown loss type 0 [ 281.842075][T26429] netem: change failed [ 281.844557][T26431] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6256'. [ 281.859462][T26431] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6256'. [ 281.962281][ T40] audit: type=1326 audit(2000000643.139:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26443 comm="syz.1.6261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 281.983055][ T40] audit: type=1326 audit(2000000643.139:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26443 comm="syz.1.6261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 281.995197][ T40] audit: type=1326 audit(2000000643.139:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26443 comm="syz.1.6261" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 282.003128][ T40] audit: type=1326 audit(2000000643.139:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26443 comm="syz.1.6261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 282.022083][ T40] audit: type=1326 audit(2000000643.139:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26443 comm="syz.1.6261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 282.034353][ T40] audit: type=1326 audit(2000000643.139:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26443 comm="syz.1.6261" exe="/syz-executor" sig=0 arch=40000003 syscall=16 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 282.054503][ T40] audit: type=1326 audit(2000000643.139:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26443 comm="syz.1.6261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 282.061342][ T40] audit: type=1326 audit(2000000643.139:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26443 comm="syz.1.6261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 283.216434][T26502] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6280'. [ 283.353898][T26522] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6288'. [ 283.405320][T26527] program syz.2.6290 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 283.608683][T26543] nr0: tun_chr_ioctl cmd 21731 [ 284.415907][T26579] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6305'. [ 285.143854][T26664] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6333'. [ 285.324735][ T34] usb 10-1: new high-speed USB device number 12 using dummy_hcd [ 285.504505][ T34] usb 10-1: Using ep0 maxpacket: 8 [ 285.507463][ T34] usb 10-1: config 0 has an invalid interface number: 186 but max is 0 [ 285.510206][ T34] usb 10-1: config 0 has no interface number 0 [ 285.512238][ T34] usb 10-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 285.515905][ T34] usb 10-1: config 0 interface 186 altsetting 0 endpoint 0x1 has an invalid bInterval 18, changing to 8 [ 285.519534][ T34] usb 10-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A [ 285.523642][ T34] usb 10-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 285.529813][ T34] usb 10-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 285.538181][ T34] usb 10-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 285.542830][ T34] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 285.547937][ T34] usb 10-1: Product: syz [ 285.549322][ T34] usb 10-1: Manufacturer: syz [ 285.553057][ T34] usb 10-1: SerialNumber: syz [ 285.558428][ T34] usb 10-1: config 0 descriptor?? [ 285.743109][T26731] netlink: 'syz.1.6349': attribute type 9 has an invalid length. [ 285.747676][T26731] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.6349'. [ 285.777494][ T34] iowarrior 10-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0 [ 285.985518][ T39] usb 10-1: USB disconnect, device number 12 [ 286.675443][T26829] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 286.682692][T26829] 8021q: adding VLAN 0 to HW filter on device macsec3 [ 287.213968][T26870] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 287.669277][T26891] tun0: tun_chr_ioctl cmd 1074025675 [ 287.673830][T26891] tun0: persist disabled [ 289.884504][ T39] usb 11-1: new high-speed USB device number 14 using dummy_hcd [ 290.044564][ T39] usb 11-1: Using ep0 maxpacket: 32 [ 290.047618][ T39] usb 11-1: config index 0 descriptor too short (expected 156, got 27) [ 290.050383][ T39] usb 11-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 290.053933][ T39] usb 11-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 290.057540][ T39] usb 11-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 290.061738][ T39] usb 11-1: config 0 interface 0 has no altsetting 0 [ 290.066012][ T39] usb 11-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 290.069062][ T39] usb 11-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 290.072028][ T39] usb 11-1: Product: syz [ 290.073420][ T39] usb 11-1: Manufacturer: syz [ 290.075019][ T39] usb 11-1: SerialNumber: syz [ 290.082989][ T39] usb 11-1: config 0 descriptor?? [ 290.086417][ T39] ldusb 11-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 290.091123][ T39] ldusb 11-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 290.299836][T26960] ldusb 11-1:0.0: Write buffer overflow, 64987 bytes dropped [ 290.352373][ T39] usb 11-1: USB disconnect, device number 14 [ 290.353954][ C3] ldusb 11-1:0.0: usb_submit_urb failed (-19) [ 290.356976][T26960] ldusb 11-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 290.365936][ T39] ldusb 11-1:0.0: LD USB Device #0 now disconnected [ 290.622853][T27010] netlink: 'syz.5.6425': attribute type 10 has an invalid length. [ 290.624970][T27004] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 290.676975][T27014] netlink: 14 bytes leftover after parsing attributes in process `syz.5.6425'. [ 290.733503][T27010] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 290.736864][T27010] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 290.846210][T27014] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 290.935706][T27014] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 290.995546][T27014] bond0 (unregistering): (slave netdevsim0): Releasing backup interface [ 291.116839][T27014] bond0 (unregistering): Released all slaves [ 291.851974][T27085] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6445'. [ 292.534484][ T6023] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 292.691078][ T6023] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 292.696634][ T6023] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 292.699576][ T6023] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 292.703161][ T6023] usb 6-1: config 0 interface 0 has no altsetting 0 [ 292.706408][ T6023] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 292.709290][ T6023] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 292.712728][ T6023] usb 6-1: config 0 interface 0 has no altsetting 0 [ 292.716188][ T6023] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 292.719052][ T6023] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 292.722621][ T6023] usb 6-1: config 0 interface 0 has no altsetting 0 [ 292.725954][ T6023] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 292.729242][ T6023] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 292.733832][ T6023] usb 6-1: config 0 interface 0 has no altsetting 0 [ 292.737642][ T6023] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 292.740684][ T6023] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 292.744262][ T6023] usb 6-1: config 0 interface 0 has no altsetting 0 [ 292.747474][ T6023] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 292.750359][ T6023] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 292.753989][ T6023] usb 6-1: config 0 interface 0 has no altsetting 0 [ 292.759889][ T6023] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 292.762754][ T6023] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 292.766263][ T6023] usb 6-1: config 0 interface 0 has no altsetting 0 [ 292.769697][ T6023] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 292.773884][ T6023] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 292.777795][ T6023] usb 6-1: config 0 interface 0 has no altsetting 0 [ 292.782552][ T6023] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 292.785767][ T6023] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 292.788521][ T6023] usb 6-1: Product: syz [ 292.789920][ T6023] usb 6-1: Manufacturer: syz [ 292.791490][ T6023] usb 6-1: SerialNumber: syz [ 292.797395][ T6023] usb 6-1: config 0 descriptor?? [ 292.804138][ T6023] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 293.049603][T27169] netlink: 'syz.2.6473': attribute type 6 has an invalid length. [ 293.056367][T27169] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 293.060974][T27169] bridge0: port 1(bridge_slave_0) entered disabled state [ 293.061921][ T6021] usb 6-1: USB disconnect, device number 18 [ 293.064335][ C0] usb 6-1: yurex_control_callback - control failed: -71 [ 293.073084][ T6021] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 293.149737][ T40] audit: type=1326 audit(2000000654.329:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27182 comm="syz.2.6475" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6feefcc code=0x0 [ 293.805143][T18706] usb 11-1: new high-speed USB device number 15 using dummy_hcd [ 293.815367][ T40] audit: type=1326 audit(2000000654.999:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27235 comm="syz.1.6487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 293.824510][ T40] audit: type=1326 audit(2000000654.999:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27235 comm="syz.1.6487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 293.833223][ T40] audit: type=1326 audit(2000000654.999:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27235 comm="syz.1.6487" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 293.844567][ T40] audit: type=1326 audit(2000000655.009:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27235 comm="syz.1.6487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 293.853377][ T40] audit: type=1326 audit(2000000655.009:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27235 comm="syz.1.6487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 293.862680][ T40] audit: type=1326 audit(2000000655.009:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27235 comm="syz.1.6487" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 293.870790][ T40] audit: type=1326 audit(2000000655.009:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27235 comm="syz.1.6487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 293.882827][ T40] audit: type=1326 audit(2000000655.009:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27235 comm="syz.1.6487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 293.893587][ T40] audit: type=1326 audit(2000000655.009:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27235 comm="syz.1.6487" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f83fcc code=0x7ffc0000 [ 293.957842][T18706] usb 11-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 293.961045][T18706] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.963699][T18706] usb 11-1: Product: syz [ 293.966059][T18706] usb 11-1: Manufacturer: syz [ 293.968174][T18706] usb 11-1: SerialNumber: syz [ 294.209807][T18706] rtl8150 11-1:1.0: couldn't reset the device [ 294.213893][T18706] rtl8150 11-1:1.0: probe with driver rtl8150 failed with error -5 [ 294.219955][T18706] usb 11-1: USB disconnect, device number 15 [ 294.664581][ T34] usb 10-1: new full-speed USB device number 13 using dummy_hcd [ 294.826572][ T34] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 294.830596][ T34] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 294.833541][ T34] usb 10-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 294.837417][ T34] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.844784][ T34] usb 10-1: config 0 descriptor?? [ 294.849522][ T34] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 294.853827][ T34] dvb-usb: bulk message failed: -22 (3/0) [ 294.865059][ T34] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 294.868284][ T34] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 294.870694][ T34] usb 10-1: media controller created [ 294.873236][ T34] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 294.888037][ T34] dvb-usb: bulk message failed: -22 (6/0) [ 294.902578][ T34] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 294.906996][ T34] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb10/10-1/input/input25 [ 294.918756][ T34] dvb-usb: schedule remote query interval to 150 msecs. [ 294.921458][ T34] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 295.009330][T27328] bpf: Bad value for 'uid' [ 295.059256][ T34] usb 10-1: USB disconnect, device number 13 [ 295.065801][T27335] netlink: 'syz.1.6509': attribute type 25 has an invalid length. [ 295.068300][T27335] netlink: 'syz.1.6509': attribute type 1 has an invalid length. [ 295.070883][T27335] bridge0: port 1(bridge_slave_0) entered disabled state [ 295.106082][T27339] netlink: 264 bytes leftover after parsing attributes in process `syz.1.6511'. [ 295.148557][T18706] hid-generic 0103:0004:0000.000A: unknown main item tag 0x0 [ 295.152385][T18706] hid-generic 0103:0004:0000.000A: unknown main item tag 0x0 [ 295.158516][T18706] hid-generic 0103:0004:0000.000A: unknown main item tag 0x0 [ 295.160941][T18706] hid-generic 0103:0004:0000.000A: unknown main item tag 0x0 [ 295.163267][T18706] hid-generic 0103:0004:0000.000A: unknown main item tag 0x0 [ 295.171044][T18706] hid-generic 0103:0004:0000.000A: unknown main item tag 0x0 [ 295.172223][ T34] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 295.173610][T18706] hid-generic 0103:0004:0000.000A: unknown main item tag 0x0 [ 295.182791][T18706] hid-generic 0103:0004:0000.000A: unknown main item tag 0x0 [ 295.186140][T18706] hid-generic 0103:0004:0000.000A: unknown main item tag 0x0 [ 295.188627][T18706] hid-generic 0103:0004:0000.000A: unknown main item tag 0x0 [ 295.195502][T18706] hid-generic 0103:0004:0000.000A: hidraw0: HID v0.02 Device [syz1] on syz1 [ 295.295009][T27376] macvlan0: entered promiscuous mode [ 295.301183][T27376] netlink: 'syz.2.6518': attribute type 1 has an invalid length. [ 295.304463][T27376] netlink: 'syz.2.6518': attribute type 2 has an invalid length. [ 295.425191][T18704] usb 11-1: new high-speed USB device number 16 using dummy_hcd [ 295.512141][T27391] pimreg: entered allmulticast mode [ 295.518650][T27391] pimreg: left allmulticast mode [ 295.574942][T18704] usb 11-1: Using ep0 maxpacket: 32 [ 295.580887][T18704] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 295.585642][T18704] usb 11-1: config 0 has no interfaces? [ 295.589929][T18704] usb 11-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 295.592856][T27397] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6534'. [ 295.593410][T18704] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 295.599557][T18704] usb 11-1: Product: syz [ 295.601337][T18704] usb 11-1: Manufacturer: syz [ 295.603360][T18704] usb 11-1: SerialNumber: syz [ 295.609099][T18704] usb 11-1: config 0 descriptor?? [ 295.817089][T18704] usb 11-1: USB disconnect, device number 16 [ 295.826262][T27422] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6535'. [ 296.966216][T27494] mkiss: ax0: crc mode is auto. [ 297.181071][ T5965] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 297.192569][ T5965] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 297.202243][ T5965] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 297.206463][ T5965] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 297.209868][ T5965] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 297.291096][ T13] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 297.534893][ T6021] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 297.597290][T27521] kvm_intel: kvm [27520]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x3 [ 297.690147][ T13] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 297.750375][T27523] syz_tun: entered allmulticast mode [ 297.757207][T27516] syz_tun: left allmulticast mode [ 297.797673][T27540] input: syz1 as /devices/virtual/input/input26 [ 298.060279][ T13] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.187566][T27510] chnl_net:caif_netlink_parms(): no params data found [ 298.398018][ T13] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.481828][T27510] bridge0: port 1(bridge_slave_0) entered blocking state [ 298.485057][T27510] bridge0: port 1(bridge_slave_0) entered disabled state [ 298.487390][T27510] bridge_slave_0: entered allmulticast mode [ 298.490036][T27510] bridge_slave_0: entered promiscuous mode [ 298.496235][T27510] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.498509][T27510] bridge0: port 2(bridge_slave_1) entered disabled state [ 298.500744][T27510] bridge_slave_1: entered allmulticast mode [ 298.503461][T27510] bridge_slave_1: entered promiscuous mode [ 298.551082][T27661] Bluetooth: MGMT ver 1.23 [ 298.566652][T27510] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 298.575115][T27510] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 298.600637][T27510] team0: Port device team_slave_0 added [ 298.603702][T27510] team0: Port device team_slave_1 added [ 298.623722][T27510] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 298.626465][T27510] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 298.638253][T27510] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 298.645292][T27510] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 298.647584][T27510] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 298.657134][T27510] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 298.713321][T27510] hsr_slave_0: entered promiscuous mode [ 298.716067][T27510] hsr_slave_1: entered promiscuous mode [ 299.234815][ T5965] Bluetooth: hci0: command tx timeout [ 299.365071][ T13] bridge_slave_1: left allmulticast mode [ 299.366883][ T13] bridge_slave_1: left promiscuous mode [ 299.370708][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 299.485459][ T13] bridge_slave_0: left allmulticast mode [ 299.487352][ T13] bridge_slave_0: left promiscuous mode [ 299.489292][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 300.545259][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 300.607142][ T13] bond0 (unregistering): (slave c@0): Releasing backup interface [ 300.686019][ T13] bond0 (unregistering): Released all slaves [ 300.835222][ T6021] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 301.263853][ T13] tipc: Left network mode [ 301.324684][ T5965] Bluetooth: hci0: command tx timeout [ 301.549560][ T5666] 8021q: adding VLAN 0 to HW filter on device eth14 [ 301.741013][ T5666] 8021q: adding VLAN 0 to HW filter on device eth15 [ 301.856757][T27876] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6589'. [ 302.205909][T27874] batadv_slave_0: entered promiscuous mode [ 302.490478][T27872] batadv_slave_0: left promiscuous mode [ 303.145010][ T13] hsr_slave_0: left promiscuous mode [ 303.194686][ T13] hsr_slave_1: left promiscuous mode [ 303.197818][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 303.201000][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 303.245420][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 303.248621][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 303.325591][ T13] veth1_macvtap: left promiscuous mode [ 303.328029][ T13] veth1_vlan: left promiscuous mode [ 303.330228][ T13] veth0_vlan: left promiscuous mode [ 303.394546][ T5965] Bluetooth: hci0: command tx timeout [ 303.925598][ T13] team0 (unregistering): Port device team_slave_1 removed [ 303.975050][ T13] team0 (unregistering): Port device team_slave_0 removed [ 304.148852][T27510] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 304.176671][T27510] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 304.179299][T27510] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 304.226682][T27510] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 304.229262][T27510] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 304.296571][T27510] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 304.299257][T27510] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 304.336820][T27510] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 304.409662][T27510] 8021q: adding VLAN 0 to HW filter on device bond0 [ 304.424768][T27510] 8021q: adding VLAN 0 to HW filter on device team0 [ 304.435490][ T168] bridge0: port 1(bridge_slave_0) entered blocking state [ 304.437957][ T168] bridge0: port 1(bridge_slave_0) entered forwarding state [ 304.441509][ T168] bridge0: port 2(bridge_slave_1) entered blocking state [ 304.443735][ T168] bridge0: port 2(bridge_slave_1) entered forwarding state [ 304.578750][T27510] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 304.743524][T27510] veth0_vlan: entered promiscuous mode [ 304.749983][T27510] veth1_vlan: entered promiscuous mode [ 304.764886][T27510] veth0_macvtap: entered promiscuous mode [ 304.769184][T27510] veth1_macvtap: entered promiscuous mode [ 304.779385][T27510] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 304.786357][T27510] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 304.792789][ T60] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.796711][ T60] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.802460][ T60] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.808212][ T60] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.986002][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 304.989926][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 305.003039][ T224] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 305.006269][ T224] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 305.219017][T27950] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.6585'. [ 305.474799][ T5965] Bluetooth: hci0: command tx timeout [ 305.525679][T27984] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6599'. [ 305.533243][T27984] netlink: 72 bytes leftover after parsing attributes in process `syz.1.6599'. [ 308.517930][T28204] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6664'. [ 308.520901][T28204] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6664'. [ 308.524458][T28204] netlink: 'syz.6.6664': attribute type 13 has an invalid length. [ 308.529345][T28204] netlink: 'syz.6.6664': attribute type 14 has an invalid length. [ 311.553352][T28315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6704'. [ 312.244465][ T34] usb 10-1: new high-speed USB device number 14 using dummy_hcd [ 312.415956][ T34] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 312.418811][ T34] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 312.422046][ T34] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 312.425070][ T34] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 312.428593][ T34] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 312.434237][ T34] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 312.438067][ T34] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 312.441092][ T34] usb 10-1: Product: syz [ 312.442735][ T34] usb 10-1: Manufacturer: syz [ 312.449994][ T34] cdc_wdm 10-1:1.0: skipping garbage [ 312.452126][ T34] cdc_wdm 10-1:1.0: skipping garbage [ 312.459848][ T34] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device [ 312.462136][ T34] cdc_wdm 10-1:1.0: Unknown control protocol [ 312.661770][ T34] usb 10-1: USB disconnect, device number 14 [ 313.209140][T28390] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6715'. [ 313.212402][T28390] netem: unknown loss type 0 [ 313.214466][T28390] netem: change failed [ 313.581077][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 313.581096][ T40] audit: type=1326 audit(2000000674.759:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28413 comm="syz.5.6722" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 313.593680][ T40] audit: type=1326 audit(2000000674.759:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28413 comm="syz.5.6722" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 313.603135][ T40] audit: type=1326 audit(2000000674.759:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28413 comm="syz.5.6722" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 313.611231][ T40] audit: type=1326 audit(2000000674.759:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28413 comm="syz.5.6722" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 313.619103][ T40] audit: type=1326 audit(2000000674.759:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28413 comm="syz.5.6722" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 313.626635][ T40] audit: type=1326 audit(2000000674.759:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28413 comm="syz.5.6722" exe="/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 313.633967][ T40] audit: type=1326 audit(2000000674.759:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28413 comm="syz.5.6722" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 313.694083][T28429] program syz.6.6728 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 313.920379][T28461] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6736'. [ 314.669757][T28507] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6757'. [ 315.942322][T28622] netlink: 'syz.5.6798': attribute type 25 has an invalid length. [ 315.945864][T28622] netlink: 'syz.5.6798': attribute type 1 has an invalid length. [ 315.948754][T28622] bridge0: port 1(bridge_slave_0) entered disabled state [ 316.042994][ T5962] Bluetooth: hci2: hcon ffff888012c64000 sent 0 < count 3 [ 316.046668][ T5962] Bluetooth: hci2: hcon ffff888012c64000 sent 0 < count 6 [ 316.114569][ T5965] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 316.115173][ T5962] Bluetooth: hci4: command 0xfc11 tx timeout [ 316.614554][ T6021] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 316.663448][T28694] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 316.774490][ T6021] usb 6-1: Using ep0 maxpacket: 8 [ 316.779408][T28709] batadv_slave_0: entered promiscuous mode [ 316.782233][T28708] batadv_slave_0: left promiscuous mode [ 316.782966][ T6021] usb 6-1: config 0 has an invalid interface number: 186 but max is 0 [ 316.787466][ T6021] usb 6-1: config 0 has no interface number 0 [ 316.789502][ T6021] usb 6-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 316.793258][ T6021] usb 6-1: config 0 interface 186 altsetting 0 endpoint 0x1 has an invalid bInterval 18, changing to 8 [ 316.800307][ T6021] usb 6-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A [ 316.804170][ T6021] usb 6-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 316.809091][ T6021] usb 6-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 316.819330][ T6021] usb 6-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 316.823197][ T6021] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 316.826829][ T6021] usb 6-1: Product: syz [ 316.828543][ T6021] usb 6-1: Manufacturer: syz [ 316.832057][ T6021] usb 6-1: SerialNumber: syz [ 316.837471][ T6021] usb 6-1: config 0 descriptor?? [ 316.862193][T28713] netdevsim netdevsim6 netdevsim0: entered promiscuous mode [ 316.868722][T28713] 8021q: adding VLAN 0 to HW filter on device macsec1 [ 317.059528][ T6021] iowarrior 6-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0 [ 317.115628][T28731] loop5: detected capacity change from 0 to 7 [ 317.121952][ C3] blk_print_req_error: 27 callbacks suppressed [ 317.121971][ C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 317.128561][ C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.132688][ C2] buffer_io_error: 47 callbacks suppressed [ 317.132705][ C2] Buffer I/O error on dev loop5, logical block 0, async page read [ 317.140860][ C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.144930][ C2] Buffer I/O error on dev loop5, logical block 0, async page read [ 317.148637][ C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.152546][ C2] Buffer I/O error on dev loop5, logical block 0, async page read [ 317.156939][ C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.160724][ C3] Buffer I/O error on dev loop5, logical block 0, async page read [ 317.164220][ C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.167495][ C2] Buffer I/O error on dev loop5, logical block 0, async page read [ 317.219104][ C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.222822][ C3] Buffer I/O error on dev loop5, logical block 0, async page read [ 317.226854][ C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.230682][ C3] Buffer I/O error on dev loop5, logical block 0, async page read [ 317.236224][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.239060][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 317.242049][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.244971][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 317.247966][ C3] Buffer I/O error on dev loop5, logical block 0, async page read [ 317.251485][T28731] ldm_validate_partition_table(): Disk read failed. [ 317.253960][T28731] Dev loop5: unable to read RDB block 0 [ 317.256249][T28731] loop5: unable to read partition table [ 317.258085][T28731] loop5: partition table beyond EOD, truncated [ 317.260219][T28731] loop_reread_partitions: partition scan of loop5 () failed (rc=-5) [ 317.275546][ T10] usb 6-1: USB disconnect, device number 19 [ 318.525614][T28816] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 318.657252][T28829] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6856'. [ 319.849546][T28866] tipc: New replicast peer: 255.255.255.255 [ 319.852804][T28866] tipc: Enabled bearer , priority 5 [ 319.894196][T28870] netlink: 'syz.1.6869': attribute type 6 has an invalid length. [ 319.898055][T28870] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 319.902823][T28870] bridge0: port 3(batadv0) entered disabled state [ 319.907569][T28870] bridge0: port 2(bridge_slave_1) entered disabled state [ 320.049925][T28878] netlink: 'syz.6.6873': attribute type 10 has an invalid length. [ 320.101672][T28885] netlink: 14 bytes leftover after parsing attributes in process `syz.6.6873'. [ 320.245585][T28885] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 320.325769][T28885] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 320.366786][T28885] bond0 (unregistering): Released all slaves [ 320.394757][ T168] batman_adv: batadv0: MLD Querier appeared [ 320.590563][ T40] audit: type=1326 audit(2000000681.769:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28907 comm="syz.5.6880" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 320.598089][ T40] audit: type=1326 audit(2000000681.769:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28907 comm="syz.5.6880" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 320.605732][ T40] audit: type=1326 audit(2000000681.769:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28907 comm="syz.5.6880" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 320.612776][ T40] audit: type=1326 audit(2000000681.789:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28907 comm="syz.5.6880" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 320.621461][ T40] audit: type=1326 audit(2000000681.789:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28907 comm="syz.5.6880" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 320.629423][ T40] audit: type=1326 audit(2000000681.789:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28907 comm="syz.5.6880" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 320.637047][ T40] audit: type=1326 audit(2000000681.789:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28907 comm="syz.5.6880" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 320.644502][ T34] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 320.647036][ T40] audit: type=1326 audit(2000000681.789:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28907 comm="syz.5.6880" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 320.657667][ T40] audit: type=1326 audit(2000000681.789:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28907 comm="syz.5.6880" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 320.658073][T28915] netlink: 264 bytes leftover after parsing attributes in process `syz.5.6890'. [ 320.665196][ T40] audit: type=1326 audit(2000000681.789:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28907 comm="syz.5.6880" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 320.808380][ T34] usb 6-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 320.812416][ T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.816059][ T34] usb 6-1: Product: syz [ 320.817974][ T34] usb 6-1: Manufacturer: syz [ 320.820034][ T34] usb 6-1: SerialNumber: syz [ 321.061715][ T34] rtl8150 6-1:1.0: couldn't reset the device [ 321.063837][ T34] rtl8150 6-1:1.0: probe with driver rtl8150 failed with error -5 [ 321.072410][ T34] usb 6-1: USB disconnect, device number 20 [ 321.145358][ T6021] tipc: Node number set to 1 [ 321.245515][T28967] macvlan0: entered promiscuous mode [ 321.258962][T28967] netlink: 'syz.5.6893': attribute type 1 has an invalid length. [ 321.261507][T28967] netlink: 'syz.5.6893': attribute type 2 has an invalid length. [ 321.417918][T28987] pimreg: entered allmulticast mode [ 321.425377][T28987] pimreg: left allmulticast mode [ 321.441188][T28992] bpf: Bad value for 'uid' [ 322.362421][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 326.575001][ T3264] usb 11-1: new high-speed USB device number 17 using dummy_hcd [ 326.734694][ T3264] usb 11-1: Using ep0 maxpacket: 8 [ 326.741202][ T3264] usb 11-1: config 0 has an invalid interface number: 186 but max is 0 [ 326.744850][ T3264] usb 11-1: config 0 has no interface number 0 [ 326.747433][ T3264] usb 11-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 326.752092][ T3264] usb 11-1: config 0 interface 186 altsetting 0 endpoint 0x1 has an invalid bInterval 18, changing to 8 [ 326.758167][ T3264] usb 11-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A [ 326.762985][ T3264] usb 11-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 326.768251][ T3264] usb 11-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 326.774244][ T3264] usb 11-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 326.777399][ T3264] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.779962][ T3264] usb 11-1: Product: syz [ 326.781347][ T3264] usb 11-1: Manufacturer: syz [ 326.782925][ T3264] usb 11-1: SerialNumber: syz [ 326.785878][ T3264] usb 11-1: config 0 descriptor?? [ 326.997552][ T3264] iowarrior 11-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0 [ 327.198076][ C0] iowarrior 11-1:0.186: iowarrior_callback - usb_submit_urb failed with result -1 [ 327.202954][ T3264] usb 11-1: USB disconnect, device number 17 [ 331.494467][ T3264] usb 11-1: new full-speed USB device number 18 using dummy_hcd [ 331.646529][ T3264] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 331.649843][ T3264] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 331.652629][ T3264] usb 11-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 331.656334][ T3264] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 331.663971][ T3264] usb 11-1: config 0 descriptor?? [ 331.668989][ T3264] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 331.671594][ T3264] dvb-usb: bulk message failed: -22 (3/0) [ 331.674977][ T3264] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 331.678025][ T3264] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 331.680217][ T3264] usb 11-1: media controller created [ 331.682717][ T3264] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 331.688237][ T3264] dvb-usb: bulk message failed: -22 (6/0) [ 331.690147][ T3264] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 331.693782][ T3264] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.6/usb11/11-1/input/input27 [ 331.707620][ T3264] dvb-usb: schedule remote query interval to 150 msecs. [ 331.709879][ T3264] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 331.867394][ T3264] dvb-usb: bulk message failed: -22 (1/0) [ 331.870541][ T3264] dvb-usb: error while querying for an remote control event. [ 331.882899][T18706] usb 11-1: USB disconnect, device number 18 [ 332.019000][T18706] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 336.658685][ T40] audit: type=1400 audit(2000000697.839:161): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147C8A3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 336.914563][ T53] usb 10-1: new high-speed USB device number 15 using dummy_hcd [ 337.125220][ T53] usb 10-1: too many configurations: 9, using maximum allowed: 8 [ 337.129722][ T53] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 337.133857][ T53] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 337.139252][ T53] usb 10-1: config 0 interface 0 has no altsetting 0 [ 337.143289][ T53] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 337.146832][ T53] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 337.150559][ T53] usb 10-1: config 0 interface 0 has no altsetting 0 [ 337.153710][ T53] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 337.157365][ T53] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 337.160999][ T53] usb 10-1: config 0 interface 0 has no altsetting 0 [ 337.164058][ T53] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 337.168718][ T53] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 337.172482][ T53] usb 10-1: config 0 interface 0 has no altsetting 0 [ 337.176190][ T53] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 337.179931][ T53] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 337.184863][ T53] usb 10-1: config 0 interface 0 has no altsetting 0 [ 337.188108][ T53] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 337.191263][ T53] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 337.195214][ T53] usb 10-1: config 0 interface 0 has no altsetting 0 [ 337.198383][ T53] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 337.201553][ T53] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 337.205829][ T53] usb 10-1: config 0 interface 0 has no altsetting 0 [ 337.209601][ T53] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 337.213533][ T53] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 337.218286][ T53] usb 10-1: config 0 interface 0 has no altsetting 0 [ 337.222923][ T53] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 337.226470][ T53] usb 10-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 337.229311][ T53] usb 10-1: Product: syz [ 337.230770][ T53] usb 10-1: Manufacturer: syz [ 337.232370][ T53] usb 10-1: SerialNumber: syz [ 337.236082][ T53] usb 10-1: config 0 descriptor?? [ 337.243513][ T53] yurex 10-1:0.0: USB YUREX device now attached to Yurex #0 [ 337.500537][ C3] usb 10-1: yurex_control_callback - control failed: -71 [ 337.501462][ T3264] usb 10-1: USB disconnect, device number 15 [ 337.511188][ T3264] yurex 10-1:0.0: USB YUREX #0 now disconnected [ 337.818981][T29711] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7080'. [ 337.821885][T29711] netlink: 'syz.6.7080': attribute type 2 has an invalid length. [ 338.271801][T29752] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 338.275966][T29754] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7093'. [ 338.495830][T29783] netlink: 16 bytes leftover after parsing attributes in process `syz.6.7106'. [ 338.593003][T29826] kvm: kvm [29823]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x186) = 0x7 [ 338.601330][T29791] bond0 (unregistering): Released all slaves [ 338.745731][T29875] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 338.861126][T29895] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7120'. [ 338.865551][T29895] block nbd2: Unsupported socket: should be TCP or UNIX. [ 338.874968][T29897] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7116'. [ 338.879042][T29897] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7116'. [ 339.364653][T29918] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7128'. [ 339.367501][T29918] netlink: 'syz.5.7128': attribute type 2 has an invalid length. [ 339.792144][T29938] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 339.804253][T29938] bridge0: port 2(bridge_slave_1) entered disabled state [ 340.341573][T29973] input: syz1 as /devices/virtual/input/input28 [ 340.378667][T29978] netlink: 52 bytes leftover after parsing attributes in process `syz.1.7146'. [ 340.781766][ T5965] Bluetooth: hci1: unexpected event for opcode 0x040d [ 341.218509][T30023] loop9: detected capacity change from 0 to 524287999 [ 341.851950][T30062] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 341.859111][T30062] 8021q: adding VLAN 0 to HW filter on device macsec1 [ 341.907813][T30071] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7175'. [ 341.912482][T30071] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7175'. [ 342.030985][T30083] netlink: 'syz.1.7179': attribute type 1 has an invalid length. [ 342.281677][T30116] netlink: 'syz.6.7193': attribute type 1 has an invalid length. [ 342.994569][ T5962] Bluetooth: hci0: command 0x0405 tx timeout [ 344.063758][T30226] netlink: 27 bytes leftover after parsing attributes in process `syz.1.7228'. [ 345.144891][ T6041] usb 11-1: new high-speed USB device number 19 using dummy_hcd [ 345.294583][ T6041] usb 11-1: Using ep0 maxpacket: 32 [ 345.299713][ T6041] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x8C has invalid maxpacket 1536, setting to 1024 [ 345.304859][ T6041] usb 11-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 1024 [ 345.317544][ T6041] usb 11-1: string descriptor 0 read error: -22 [ 345.322489][ T6041] usb 11-1: New USB device found, idVendor=1430, idProduct=474b, bcdDevice= 0.40 [ 345.326546][ T6041] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 345.337899][T30269] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 345.346632][ T6041] usb 11-1: Quirk or no altset; falling back to MIDI 1.0 [ 345.350954][ T6041] usb 11-1: MIDIStreaming interface descriptor not found [ 345.353977][T30310] bridge0: port 2(bridge_slave_1) entered listening state [ 345.574517][ T53] usb 11-1: USB disconnect, device number 19 [ 346.194222][T30411] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7277'. [ 346.666043][T30438] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7285'. [ 346.689468][T30438] bridge0: port 2(bridge_slave_1) entered disabled state [ 346.692811][T30438] bridge_slave_1: left allmulticast mode [ 346.696103][T30438] bridge_slave_1: left promiscuous mode [ 346.698320][T30438] bridge0: port 2(bridge_slave_1) entered disabled state [ 347.244017][T30476] vivid-003: disconnect [ 347.251171][T30475] vivid-003: reconnect [ 347.357850][T30488] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7303'. [ 348.021853][T30562] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7326'. [ 348.217426][T30576] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7330'. [ 348.221395][T30576] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7330'. [ 348.225461][T30576] netlink: 'syz.5.7330': attribute type 18 has an invalid length. [ 348.228791][T30576] netlink: 'syz.5.7330': attribute type 15 has an invalid length. [ 348.344053][T30585] loop9: detected capacity change from 0 to 8 [ 348.352501][T30585] Dev loop9: unable to read RDB block 8 [ 348.354447][T30585] loop9: unable to read partition table [ 348.356912][T30585] loop9: partition table beyond EOD, truncated [ 348.358995][T30585] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5) [ 349.658484][T30706] loop4: detected capacity change from 0 to 524287936 [ 349.931215][T30740] team0: No ports can be present during mode change [ 350.211909][T30746] bridge0: port 1(bridge_slave_0) entered disabled state [ 350.737640][T30746] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 350.778460][T30746] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 351.649429][ T60] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.655990][ T60] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.659784][ T60] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.663493][ T60] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.717842][T30773] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7392'. [ 351.720770][T30773] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7392'. [ 351.753352][T30779] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7394'. [ 353.623286][ T10] hid_parser_main: 2 callbacks suppressed [ 353.623309][ T10] hid-generic 0005:00B6:0009.000B: unknown main item tag 0x0 [ 353.629359][ T10] hid-generic 0005:00B6:0009.000B: unknown main item tag 0x0 [ 353.631800][ T10] hid-generic 0005:00B6:0009.000B: unknown main item tag 0x0 [ 353.634133][ T10] hid-generic 0005:00B6:0009.000B: unknown main item tag 0x0 [ 353.636855][ T10] hid-generic 0005:00B6:0009.000B: unknown main item tag 0x0 [ 353.639294][ T10] hid-generic 0005:00B6:0009.000B: unknown main item tag 0x0 [ 353.641709][ T10] hid-generic 0005:00B6:0009.000B: unknown main item tag 0x0 [ 353.644031][ T10] hid-generic 0005:00B6:0009.000B: unknown main item tag 0x0 [ 353.646784][ T10] hid-generic 0005:00B6:0009.000B: unknown main item tag 0x0 [ 353.649161][ T10] hid-generic 0005:00B6:0009.000B: unknown main item tag 0x0 [ 353.672619][ T10] hid-generic 0005:00B6:0009.000B: hidraw0: BLUETOOTH HID v1ade12.f3 Device [syz0] on syz1 [ 353.890244][ T10] hid-generic 0000:0000:0000.000C: hidraw0: HID v0.00 Device [Zw[ba|\rn)A#6oү?aIs5hV3(; [ 353.890244][ T10] ѝP$zɷX$w[SRezxuSrl[5l'ZCz2] on tDKY縣Ϫ򞿹,UOp{"ixA[ewÒ}ZXA [ 353.945235][T30956] fido_id[30956]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 354.080351][T30982] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 354.085453][T30982] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 354.090114][T30982] overlayfs: failed to set uuid (1980/file0, err=-13); falling back to uuid=null. [ 354.298639][T31006] netlink: 71 bytes leftover after parsing attributes in process `syz.2.7461'. [ 354.538335][T31037] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7472'. [ 354.585768][T31039] netlink: 'syz.2.7473': attribute type 1 has an invalid length. [ 354.665531][T31046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7475'. [ 355.387441][ T1337] kernel read not supported for file /dsp1 (pid: 1337 comm: kworker/2:2) [ 355.954508][ T5965] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 356.036882][T31147] loop8: detected capacity change from 0 to 524287999 [ 356.053819][T13362] buffer_io_error: 15 callbacks suppressed [ 356.053834][T13362] Buffer I/O error on dev loop8, logical block 65535998, async page read [ 356.424584][T31145] nbd2: detected capacity change from 0 to 128 [ 356.438402][ T5957] block nbd2: Receive control failed (result -104) [ 356.440419][ T5962] block nbd2: Receive control failed (result -32) [ 356.647163][T31198] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7522'. [ 356.650172][T31198] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7522'. [ 356.810390][T31204] 8021q: adding VLAN 0 to HW filter on device bond1 [ 356.816561][T31204] bond0: (slave bond1): Enslaving as an active interface with a down link [ 357.274599][ T53] usb 10-1: new high-speed USB device number 16 using dummy_hcd [ 357.426511][ T53] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 357.430522][ T53] usb 10-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 357.435015][ T53] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 357.443662][ T53] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 357.447797][ T53] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 357.451181][ T53] usb 10-1: Product: syz [ 357.452972][ T53] usb 10-1: Manufacturer: syz [ 357.456673][ T53] usb 10-1: SerialNumber: syz [ 357.563719][ T168] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.650364][ T5962] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 357.658694][ T5962] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 357.664667][ T5962] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 357.675986][ T5962] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 357.680715][ T5962] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 357.690895][ T53] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 16 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 357.886179][ T53] usb 10-1: USB disconnect, device number 16 [ 357.893420][ T53] usblp0: removed [ 357.995505][ T168] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.204764][ T5965] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 358.219563][ T5957] Bluetooth: hci4: command 0x1003 tx timeout [ 358.247687][ T168] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.379594][T31265] chnl_net:caif_netlink_parms(): no params data found [ 358.437401][T31313] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 358.441783][T31313] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 358.444956][T31313] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 358.539218][T31313] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 358.620349][T31313] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 358.622580][T31313] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 358.675666][ T168] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.716330][T31313] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 358.766015][T31265] bridge0: port 1(bridge_slave_0) entered blocking state [ 358.768570][T31265] bridge0: port 1(bridge_slave_0) entered disabled state [ 358.771066][T31265] bridge_slave_0: entered allmulticast mode [ 358.773988][T31265] bridge_slave_0: entered promiscuous mode [ 358.778512][T31265] bridge0: port 2(bridge_slave_1) entered blocking state [ 358.781027][T31265] bridge0: port 2(bridge_slave_1) entered disabled state [ 358.783470][T31265] bridge_slave_1: entered allmulticast mode [ 358.786566][T31265] bridge_slave_1: entered promiscuous mode [ 358.815562][T31265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 358.820718][T31265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 358.849741][T31265] team0: Port device team_slave_0 added [ 358.855227][T31265] team0: Port device team_slave_1 added [ 358.865421][T31313] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 358.872972][T31313] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 358.881013][T31265] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 358.883356][T31265] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 358.891913][T31265] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 358.896969][T31265] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 358.899232][T31265] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 358.907531][T31265] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 358.959704][T31265] hsr_slave_0: entered promiscuous mode [ 358.962460][T31265] hsr_slave_1: entered promiscuous mode [ 358.963120][T31313] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 358.965740][T31265] debugfs: 'hsr0' already exists in 'hsr' [ 358.968296][T31265] Cannot create hsr debugfs directory [ 359.284503][ T6021] usb 10-1: new high-speed USB device number 17 using dummy_hcd [ 359.395673][ T168] bridge_slave_1: left promiscuous mode [ 359.397738][ T168] bridge0: port 2(bridge_slave_1) entered disabled state [ 359.434494][ T6021] usb 10-1: Using ep0 maxpacket: 8 [ 359.437477][ T6021] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 359.440949][ T6021] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 359.444685][ T6021] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255 [ 359.448109][ T6021] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 359.452358][ T6021] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 359.455420][ T6021] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 359.475618][ T168] bridge_slave_0: left allmulticast mode [ 359.477638][ T168] bridge_slave_0: left promiscuous mode [ 359.479639][ T168] bridge0: port 1(bridge_slave_0) entered disabled state [ 359.665717][ T6021] usb 10-1: GET_CAPABILITIES returned 0 [ 359.668202][ T6021] usbtmc 10-1:16.0: can't read capabilities [ 359.876846][ T53] usb 10-1: USB disconnect, device number 17 [ 360.524557][ T5957] Bluetooth: hci2: command 0x0c1a tx timeout [ 360.524589][ T5965] Bluetooth: hci1: command 0x0406 tx timeout [ 360.645580][ T168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 360.674525][ T5965] Bluetooth: hci0: command 0x0405 tx timeout [ 360.704984][ T168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 360.724665][ T10] usb 11-1: new full-speed USB device number 20 using dummy_hcd [ 360.734558][ T53] usb 10-1: new high-speed USB device number 18 using dummy_hcd [ 360.774961][ T168] bond0 (unregistering): (slave bond1): Releasing backup interface [ 360.815488][ T168] bond0 (unregistering): Released all slaves [ 360.823814][ T168] bond1 (unregistering): Released all slaves [ 360.876136][ T10] usb 11-1: config 0 has no interfaces? [ 360.878041][ T10] usb 11-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47 [ 360.880994][ T10] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.887331][ T10] usb 11-1: config 0 descriptor?? [ 360.899634][ T53] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD4, changing to 0x84 [ 360.905019][ T53] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 51544, setting to 1024 [ 360.909449][ T53] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1024 [ 360.916576][ T5965] Bluetooth: hci3: command 0x041b tx timeout [ 360.923956][ T53] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 360.928346][ T53] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 360.931660][ T53] usb 10-1: Product: syz [ 360.933455][ T53] usb 10-1: Manufacturer: syz [ 360.935675][ T53] usb 10-1: SerialNumber: syz [ 360.939844][ T53] usb 10-1: config 0 descriptor?? [ 360.942161][T31567] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 361.153169][T31567] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 361.372896][ T53] usb 10-1: USB disconnect, device number 18 [ 361.387210][ T168] : left promiscuous mode [ 361.565480][ T168] tipc: Disabling bearer [ 361.644759][ T168] tipc: Disabling bearer [ 361.714749][ T168] tipc: Disabling bearer [ 361.721489][ T168] tipc: Left network mode [ 361.801005][T31265] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 361.803541][ T10] usb 11-1: USB disconnect, device number 20 [ 361.831775][T31265] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 361.836947][T31265] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 361.870122][T31265] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 361.873809][T31265] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 361.916984][T31265] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 361.920186][T31265] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 361.965929][T31265] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 361.971605][T31678] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 361.986137][T31678] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 361.989136][T31678] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 361.992111][T31678] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 362.053622][T31707] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7552'. [ 362.058175][T31707] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7552'. [ 362.132450][ T5666] 8021q: adding VLAN 0 to HW filter on device eth14 [ 362.231423][T31265] 8021q: adding VLAN 0 to HW filter on device bond0 [ 362.279015][T31265] 8021q: adding VLAN 0 to HW filter on device team0 [ 362.286704][ T224] bridge0: port 1(bridge_slave_0) entered blocking state [ 362.289855][ T224] bridge0: port 1(bridge_slave_0) entered forwarding state [ 362.300238][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 362.303423][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 362.480463][ T5666] 8021q: adding VLAN 0 to HW filter on device eth15 [ 362.518702][T31265] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 362.888599][ T5666] 8021q: adding VLAN 0 to HW filter on device eth16 [ 362.914050][T31265] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 363.134534][ T168] hsr_slave_0: left promiscuous mode [ 363.174525][ T168] hsr_slave_1: left promiscuous mode [ 363.176882][ T168] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 363.179224][ T168] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 363.225211][ T168] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 363.227779][ T168] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 363.318969][ T168] veth1_macvtap: left promiscuous mode [ 363.320898][ T168] veth0_macvtap: left promiscuous mode [ 363.322696][ T168] veth1_vlan: left promiscuous mode [ 363.326852][ T168] veth0_vlan: left promiscuous mode [ 364.005151][ T168] team0 (unregistering): Port device team_slave_1 removed [ 364.035011][ T5957] Bluetooth: hci3: command 0x041b tx timeout [ 364.035053][ T5962] Bluetooth: hci0: command 0x0405 tx timeout [ 364.039593][ T5962] Bluetooth: hci1: command 0x0406 tx timeout [ 364.040412][ T5965] Bluetooth: hci2: command 0x0c1a tx timeout [ 364.065085][ T168] team0 (unregistering): Port device team_slave_0 removed [ 364.348116][ T5666] 8021q: adding VLAN 0 to HW filter on device eth17 [ 364.446689][T31265] veth0_vlan: entered promiscuous mode [ 364.459076][T31265] veth1_vlan: entered promiscuous mode [ 364.477880][T31265] veth0_macvtap: entered promiscuous mode [ 364.492171][T31265] veth1_macvtap: entered promiscuous mode [ 364.503721][T31265] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 364.517921][T31265] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 364.550035][ T519] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.560713][ T519] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.563802][ T519] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.572211][ T519] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.806894][T31867] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7588'. [ 364.810490][ T106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 364.818476][ T106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 364.884234][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 364.887005][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 364.897284][T31887] input: syz0 as /devices/virtual/input/input29 [ 365.111979][T31913] binder: 31911:31913 ioctl c0306201 80000080 returned -14 [ 365.196092][T31924] netlink: 32 bytes leftover after parsing attributes in process `syz.7.7600'. [ 365.287352][ T168] IPVS: stop unused estimator thread 0... [ 365.584846][T31943] netem: incorrect ge model size [ 365.594483][T31943] netem: change failed [ 365.756360][T31960] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7611'. [ 366.114767][ T5965] Bluetooth: hci2: command 0x0c1a tx timeout [ 366.117314][ T5965] Bluetooth: hci3: command 0x041b tx timeout [ 366.117514][T31821] Bluetooth: hci0: command 0x0405 tx timeout [ 366.211050][T31999] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7621'. [ 366.252327][T32002] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7623'. [ 366.294783][T32011] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7625'. [ 367.570549][T32086] loop6: detected capacity change from 0 to 7 [ 367.584651][ C0] blk_print_req_error: 16 callbacks suppressed [ 367.584667][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 367.589580][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 367.594027][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 367.597770][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 367.606727][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 367.609950][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 367.618180][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 367.621591][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 367.626627][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 367.630152][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 367.633446][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 367.636637][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 367.642456][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 367.645612][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 367.648268][T32086] ldm_validate_partition_table(): Disk read failed. [ 367.651291][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 367.654568][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 367.657971][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 367.661730][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 367.666064][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 367.670002][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 367.673150][T32086] Dev loop6: unable to read RDB block 0 [ 367.677030][T32086] loop6: unable to read partition table [ 367.679047][T32086] loop6: partition table beyond EOD, truncated [ 367.683496][T32086] loop_reread_partitions: partition scan of loop6 (Sj̖P=ý?}X %`ր5) failed (rc=-5) [ 368.078499][ T40] audit: type=1326 audit(2000000729.259:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32141 comm="syz.5.7664" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 368.089721][ T40] audit: type=1326 audit(2000000729.269:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32141 comm="syz.5.7664" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 368.097441][ T40] audit: type=1326 audit(2000000729.279:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32141 comm="syz.5.7664" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 368.113629][ T40] audit: type=1326 audit(2000000729.279:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32141 comm="syz.5.7664" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 368.126199][ T40] audit: type=1326 audit(2000000729.279:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32141 comm="syz.5.7664" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 368.137632][ T40] audit: type=1326 audit(2000000729.289:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32141 comm="syz.5.7664" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 368.146944][ T40] audit: type=1326 audit(2000000729.289:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32141 comm="syz.5.7664" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f84fe8 code=0x7ffc0000 [ 368.156016][ T40] audit: type=1326 audit(2000000729.289:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32141 comm="syz.5.7664" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f84fe8 code=0x7ffc0000 [ 368.162990][ T40] audit: type=1326 audit(2000000729.289:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32141 comm="syz.5.7664" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f84fe8 code=0x7ffc0000 [ 368.170583][ T40] audit: type=1326 audit(2000000729.289:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32141 comm="syz.5.7664" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f84fe8 code=0x7ffc0000 [ 368.194616][T31821] Bluetooth: hci3: command 0x041b tx timeout [ 368.312068][T32152] pim6reg: entered allmulticast mode [ 368.325789][T32152] team0: entered allmulticast mode [ 368.327542][T32152] team_slave_0: entered allmulticast mode [ 368.335032][T32152] team_slave_1: entered allmulticast mode [ 368.482389][T18704] kernel write not supported for file /uinput (pid: 18704 comm: kworker/1:4) [ 368.552968][T32187] gretap0: entered promiscuous mode [ 368.587393][T32187] gretap0: left promiscuous mode [ 368.722648][T32206] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7682'. [ 368.736613][T32206] netlink: 72 bytes leftover after parsing attributes in process `syz.6.7682'. [ 369.148568][T32250] gretap0: entered promiscuous mode [ 369.185420][T32250] gretap0: left promiscuous mode [ 369.422174][T32283] evm: overlay not supported [ 370.274567][T31821] Bluetooth: hci3: command 0x041b tx timeout [ 371.674305][T32410] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7743'. [ 371.857771][T32428] loop8: detected capacity change from 0 to 524287999 [ 372.108469][T18704] kernel read not supported for file /dsp1 (pid: 18704 comm: kworker/1:4) [ 372.164675][ T10] usb 11-1: new high-speed USB device number 21 using dummy_hcd [ 372.334600][ T10] usb 11-1: Using ep0 maxpacket: 16 [ 372.337844][ T10] usb 11-1: config 0 has no interfaces? [ 372.339814][ T10] usb 11-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00 [ 372.342881][ T10] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 372.350532][ T10] usb 11-1: config 0 descriptor?? [ 372.354509][T31821] Bluetooth: hci3: command 0x041b tx timeout [ 372.560573][ T6021] usb 11-1: USB disconnect, device number 21 [ 372.787417][T32481] netlink: 'syz.7.7762': attribute type 10 has an invalid length. [ 372.790535][T32481] netlink: 40 bytes leftover after parsing attributes in process `syz.7.7762'. [ 372.794073][T32481] dummy0: entered promiscuous mode [ 372.801163][T32481] bridge0: port 3(dummy0) entered blocking state [ 372.803927][T32481] bridge0: port 3(dummy0) entered disabled state [ 372.806971][T32481] dummy0: entered allmulticast mode [ 372.813628][T32481] bridge0: port 3(dummy0) entered blocking state [ 372.817358][T32481] bridge0: port 3(dummy0) entered forwarding state [ 372.869159][ T53] kernel write not supported for file bpf-map (pid: 53 comm: kworker/3:1) [ 373.908518][T32566] netlink: 'syz.5.7788': attribute type 10 has an invalid length. [ 373.912378][T32566] netlink: 40 bytes leftover after parsing attributes in process `syz.5.7788'. [ 373.921677][T32566] dummy0: entered promiscuous mode [ 373.940686][T32566] bridge0: port 3(dummy0) entered blocking state [ 373.944070][T32566] bridge0: port 3(dummy0) entered disabled state [ 373.946925][T32566] dummy0: entered allmulticast mode [ 374.710613][T32647] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7811'. [ 374.799740][ T81] tipc: Subscription rejected, illegal request [ 374.994936][T32661] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 375.004767][T32661] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 375.011720][T32661] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 375.014868][T32661] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 375.200986][T32688] (syz.7.7822,32688,3):dlmfs_mkdir:421 ERROR: invalid domain name for directory. [ 375.804724][T32732] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 375.807674][T32732] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 375.810602][T32732] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 375.813484][T32732] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 376.690463][ T350] cifs: Unknown parameter 'mode' [ 377.134463][ T6023] usb 10-1: new high-speed USB device number 19 using dummy_hcd [ 377.284615][ T6023] usb 10-1: Using ep0 maxpacket: 8 [ 377.287947][ T6023] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 377.291236][ T6023] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 377.294478][ T6023] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 377.297810][ T6023] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 377.301922][ T6023] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 377.304983][ T6023] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 377.518494][ T6023] usb 10-1: GET_CAPABILITIES returned 0 [ 377.523455][ T6023] usbtmc 10-1:16.0: can't read capabilities [ 377.719365][ T29] usb 10-1: USB disconnect, device number 19 [ 377.874795][ T5315] Bluetooth: hci3: command 0x041b tx timeout [ 377.876807][ T5315] Bluetooth: hci0: command 0x0405 tx timeout [ 377.877391][ T5965] Bluetooth: hci2: command 0x0c1a tx timeout [ 377.884607][ T5965] Bluetooth: hci1: command 0x0406 tx timeout [ 378.307513][ T414] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7870'. [ 378.518196][ T394] Set syz1 is full, maxelem 65536 reached [ 378.594836][ T5965] Bluetooth: hci4: command 0x1003 tx timeout [ 378.598411][T31821] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 379.213146][ T3264] kernel write not supported for file /input/event2 (pid: 3264 comm: kworker/0:2) [ 380.065621][ T3264] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 380.214486][ T3264] usb 6-1: Using ep0 maxpacket: 8 [ 380.217976][ T3264] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 380.221860][ T3264] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 380.225910][ T3264] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 380.229401][ T3264] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 380.233602][ T3264] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 380.236986][ T3264] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 380.470383][ T3264] usb 6-1: GET_CAPABILITIES returned 0 [ 380.472660][ T3264] usbtmc 6-1:16.0: can't read capabilities [ 380.673238][ T3264] usb 6-1: USB disconnect, device number 21 [ 381.002353][ T689] vivid-007: disconnect [ 381.008750][ T689] vivid-007: reconnect [ 381.280054][T31888] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 1 [ 381.299330][ T519] Bluetooth: hci4: Frame reassembly failed (-84) [ 381.764840][T19086] usb 11-1: new high-speed USB device number 22 using dummy_hcd [ 381.776702][ T758] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7952'. [ 381.780300][ T758] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7952'. [ 381.934945][T19086] usb 11-1: Using ep0 maxpacket: 8 [ 381.938169][T19086] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 381.941771][T19086] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 381.944860][T19086] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 381.948512][T19086] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 381.952889][T19086] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 381.956780][T19086] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 382.170507][T19086] usb 11-1: GET_CAPABILITIES returned 0 [ 382.172787][T19086] usbtmc 11-1:16.0: can't read capabilities [ 382.379776][T19086] usb 11-1: USB disconnect, device number 22 [ 382.729367][ T824] 9pnet_virtio: no channels available for device syz [ 383.314667][T31821] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 383.314800][ T5965] Bluetooth: hci4: command 0x1003 tx timeout [ 383.801279][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.968347][T19086] kernel read not supported for file /video37 (pid: 19086 comm: kworker/3:4) [ 384.611612][ T1001] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8006'. [ 384.615394][ T1001] netlink: 'syz.6.8006': attribute type 18 has an invalid length. [ 384.618646][ T1001] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8006'. [ 384.758235][ T1019] kvm: user requested TSC rate below hardware speed [ 385.030563][ T1039] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8017'. [ 385.395163][ T1059] block nbd3: server does not support multiple connections per device. [ 385.403533][ T1059] block nbd3: shutting down sockets [ 385.489020][T19086] kernel read not supported for file /video37 (pid: 19086 comm: kworker/3:4) [ 385.539578][ T1094] erspan0: entered promiscuous mode [ 385.544017][ T1094] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8029'. [ 385.550135][ T1094] erspan0: left promiscuous mode [ 385.845819][ T841] kernel write not supported for file /vcsa (pid: 841 comm: kworker/3:2) [ 386.076401][ T1154] Falling back ldisc for ttyS3. [ 386.446811][ T1230] Cache volume key already in use (9p,syz,) [ 386.480772][ T40] kauditd_printk_skb: 135 callbacks suppressed [ 386.480788][ T40] audit: type=1804 audit(2000000747.659:307): pid=1230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.8061" name="/newroot/378/file0/file0" dev="9p" ino=72374785 res=1 errno=0 [ 387.054658][ T2200] block nbd2: Connection timed out, retrying (0/2 alive) [ 387.057519][ T2200] block nbd2: Dead connection, failed to find a fallback [ 387.059993][ T2200] block nbd2: shutting down sockets [ 387.061698][ T2200] blk_print_req_error: 10 callbacks suppressed [ 387.061707][ T2200] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.072939][ T2200] buffer_io_error: 11 callbacks suppressed [ 387.072956][ T2200] Buffer I/O error on dev nbd2, logical block 0, async page read [ 387.082156][T13362] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.086014][T13362] Buffer I/O error on dev nbd2, logical block 0, async page read [ 387.088926][T13362] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.092521][T13362] Buffer I/O error on dev nbd2, logical block 0, async page read [ 387.096224][T13362] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.100327][T13362] Buffer I/O error on dev nbd2, logical block 0, async page read [ 387.103685][T13362] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.107688][T13362] Buffer I/O error on dev nbd2, logical block 0, async page read [ 387.111089][T13362] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.115126][T13362] Buffer I/O error on dev nbd2, logical block 0, async page read [ 387.118609][T13362] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.122682][T13362] Buffer I/O error on dev nbd2, logical block 0, async page read [ 387.126684][T13362] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.130499][T13362] Buffer I/O error on dev nbd2, logical block 0, async page read [ 387.133860][T13362] ldm_validate_partition_table(): Disk read failed. [ 387.137266][T13362] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.141189][T13362] Buffer I/O error on dev nbd2, logical block 0, async page read [ 387.144710][T13362] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.149057][T13362] Buffer I/O error on dev nbd2, logical block 0, async page read [ 387.152640][T13362] Dev nbd2: unable to read RDB block 0 [ 387.155792][T13362] nbd2: unable to read partition table [ 387.161395][T13362] ldm_validate_partition_table(): Disk read failed. [ 387.163951][T13362] Dev nbd2: unable to read RDB block 0 [ 387.167970][T13362] nbd2: unable to read partition table [ 387.378272][ T1272] macvlan2: entered promiscuous mode [ 387.380573][ T1272] bridge0: entered promiscuous mode [ 388.457983][ T1299] block nbd3: server does not support multiple connections per device. [ 388.463197][ T1299] block nbd3: shutting down sockets [ 388.535970][ T1311] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8084'. [ 388.720652][ T841] kernel write not supported for file /uinput (pid: 841 comm: kworker/3:2) [ 388.771453][ T1338] loop8: detected capacity change from 0 to 7 [ 388.792345][ T1338] loop8: [POWERTEC] [ 388.860255][ T1353] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8097'. [ 388.999885][ T1358] block nbd3: server does not support multiple connections per device. [ 389.002980][ T1358] block nbd3: shutting down sockets [ 390.344690][ T6023] usb 10-1: new full-speed USB device number 20 using dummy_hcd [ 390.517829][ T6023] usb 10-1: config 0 has no interfaces? [ 390.520227][ T6023] usb 10-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47 [ 390.523305][ T6023] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 390.537309][ T6023] usb 10-1: config 0 descriptor?? [ 390.787649][ T6021] usb 10-1: USB disconnect, device number 20 [ 390.846704][ T1704] netlink: 20 bytes leftover after parsing attributes in process `syz.7.8137'. [ 391.156191][ T1729] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8145'. [ 391.504704][ T1752] bond1: entered promiscuous mode [ 392.101332][ T40] audit: type=1326 audit(2000000753.279:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1850 comm="syz.5.8173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 392.119051][ T40] audit: type=1326 audit(2000000753.289:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1850 comm="syz.5.8173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 392.129293][ T40] audit: type=1326 audit(2000000753.289:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1850 comm="syz.5.8173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 392.138386][ T40] audit: type=1326 audit(2000000753.289:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1850 comm="syz.5.8173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 392.151951][ T40] audit: type=1326 audit(2000000753.289:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1850 comm="syz.5.8173" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 392.170416][ T40] audit: type=1326 audit(2000000753.289:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1850 comm="syz.5.8173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 392.187776][ T40] audit: type=1326 audit(2000000753.289:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1850 comm="syz.5.8173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 392.196999][ T40] audit: type=1326 audit(2000000753.289:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1850 comm="syz.5.8173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 392.204566][ T40] audit: type=1326 audit(2000000753.289:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1850 comm="syz.5.8173" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 392.211277][ T40] audit: type=1326 audit(2000000753.289:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1850 comm="syz.5.8173" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf7f84fcc code=0x7ffc0000 [ 393.716194][ T1964] netlink: 224 bytes leftover after parsing attributes in process `syz.7.8204'. [ 393.719577][ T1964] netlink: 220 bytes leftover after parsing attributes in process `syz.7.8204'. [ 394.043982][ T2001] support for the xor transformation has been removed. [ 394.094276][ T2006] netlink: 'syz.5.8217': attribute type 4 has an invalid length. [ 394.097328][ T2006] netlink: 228 bytes leftover after parsing attributes in process `syz.5.8217'. [ 394.222096][ T2018] loop6: detected capacity change from 0 to 8 [ 394.289547][ T2018] loop6: detected capacity change from 8 to 0 [ 394.859356][ T2076] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 394.988633][ T2095] netlink: 212368 bytes leftover after parsing attributes in process `syz.7.8241'. [ 395.510164][ T519] Bluetooth: hci4: Frame reassembly failed (-84) [ 395.512958][ T2148] Bluetooth: hci4: Frame reassembly failed (-84) [ 396.115329][ T841] hid_parser_main: 4102 callbacks suppressed [ 396.115347][ T841] hid-generic 0000:0000:0000.000D: unknown main item tag 0x3 [ 396.119812][ T841] hid-generic 0000:0000:0000.000D: unknown main item tag 0x3 [ 396.122306][ T841] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 396.126421][ T841] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 396.129752][ T841] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 396.132184][ T841] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 396.135501][ T841] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 396.137937][ T841] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 396.140343][ T841] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 396.142747][ T841] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 396.145591][T19086] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 396.149566][ T841] hid-generic 0000:0000:0000.000D: hidraw0: HID v0.03 Device [syz1] on syz1 [ 396.186341][ T2210] fido_id[2210]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 396.265987][ T2222] bridge0: port 2(bridge_slave_1) entered disabled state [ 396.314442][T19086] usb 6-1: Using ep0 maxpacket: 32 [ 396.318228][T19086] usb 6-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 396.321542][T19086] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 396.326097][T19086] usb 6-1: config 0 descriptor?? [ 396.378290][T19086] as10x_usb: device has been detected [ 396.381188][T19086] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 396.385595][ T2237] ref_ctr_offset mismatch. inode: 0xb34 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x300000018 [ 396.393250][T19086] usb 6-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 396.432332][T19086] as10x_usb: error during firmware upload part1 [ 396.434645][T19086] Registered device nBox DVB-T Dongle [ 396.548028][T19086] usb 6-1: USB disconnect, device number 22 [ 396.573859][T19086] Unregistered device nBox DVB-T Dongle [ 396.577936][T19086] as10x_usb: device has been disconnected [ 396.683028][ T2269] tmpfs: Cannot retroactively limit size [ 397.417982][ T2301] syz.7.8293 (2301): drop_caches: 1 [ 397.419330][ T2312] syz.7.8293 (2312): drop_caches: 1 [ 397.460012][ T2301] syz.7.8293 (2301): drop_caches: 1 [ 397.564618][ T5965] Bluetooth: hci4: command 0x1003 tx timeout [ 397.567573][T31821] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 397.738064][ T2336] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8301'. [ 397.741788][ T2336] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8301'. [ 398.467057][ T2409] netlink: 'syz.5.8321': attribute type 1 has an invalid length. [ 398.473408][ T2409] netlink: 288 bytes leftover after parsing attributes in process `syz.5.8321'. [ 398.636023][ T2437] sp0: Synchronizing with TNC [ 398.789338][ T2464] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8339'. [ 398.792733][ T2464] netlink: 'syz.5.8339': attribute type 30 has an invalid length. [ 398.808521][ T168] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 398.810986][ T2464] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8339'. [ 398.817241][ T2464] netlink: 'syz.5.8339': attribute type 30 has an invalid length. [ 398.826024][ T168] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 398.862236][ T168] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 398.867486][ T168] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 399.015995][ T2501] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8349'. [ 399.410992][ T2556] syz.5.8362 (2556): drop_caches: 1 [ 399.433302][ T2556] syz.5.8362 (2556): drop_caches: 1 [ 399.465416][ T2567] syz.5.8362 (2567): drop_caches: 1 [ 399.811551][ T40] audit: type=1326 audit(2000000760.989:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2597 comm="syz.7.8373" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703efe8 code=0x7ffc0000 [ 399.829466][ T40] audit: type=1326 audit(2000000760.989:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2597 comm="syz.7.8373" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703efe8 code=0x7ffc0000 [ 399.838256][ T40] audit: type=1326 audit(2000000760.989:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2597 comm="syz.7.8373" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x7ffc0000 [ 399.854692][ T40] audit: type=1326 audit(2000000760.989:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2597 comm="syz.7.8373" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703efe8 code=0x7ffc0000 [ 399.861570][ T40] audit: type=1326 audit(2000000760.989:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2597 comm="syz.7.8373" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703efe8 code=0x7ffc0000 [ 399.869446][ T40] audit: type=1326 audit(2000000760.989:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2597 comm="syz.7.8373" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703efe8 code=0x7ffc0000 [ 399.876241][ T40] audit: type=1326 audit(2000000760.989:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2597 comm="syz.7.8373" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703efe8 code=0x7ffc0000 [ 399.882750][ T40] audit: type=1326 audit(2000000760.989:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2597 comm="syz.7.8373" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x7ffc0000 [ 399.889780][ T40] audit: type=1326 audit(2000000760.989:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2597 comm="syz.7.8373" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703efe8 code=0x7ffc0000 [ 399.896772][ T40] audit: type=1326 audit(2000000760.989:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2597 comm="syz.7.8373" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x7ffc0000 [ 400.273636][ T2631] syz.1.8380 (2631): drop_caches: 1 [ 400.310322][ T2640] syz.1.8380 (2640): drop_caches: 1 [ 400.318596][ T2631] syz.1.8380 (2631): drop_caches: 1 [ 400.442401][ T2659] pim6reg: entered allmulticast mode [ 400.451312][ T2659] pim6reg: left allmulticast mode [ 400.553911][ T2678] sp0: Synchronizing with TNC [ 400.843028][ T2724] trusted_key: encrypted_key: keyword 'upw' not recognized [ 400.889374][ T2721] syz.6.8395 (2721): drop_caches: 1 [ 400.930809][ T2732] syz.6.8395 (2732): drop_caches: 1 [ 400.955986][ T2721] syz.6.8395 (2721): drop_caches: 1 [ 401.429807][ T2835] binder: 2834:2835 ioctl c0306201 0 returned -14 [ 401.489609][ T2848] ubi16: attaching mtd0 [ 401.491574][ T2848] ubi16 error: ubi_attach_mtd_dev: bad VID header (16) or data offsets (80) [ 401.564594][T18706] usb 10-1: new high-speed USB device number 21 using dummy_hcd [ 401.746090][T18706] usb 10-1: config index 0 descriptor too short (expected 39, got 27) [ 401.748829][T18706] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 401.752023][T18706] usb 10-1: config 0 interface 0 has no altsetting 0 [ 401.757874][T18706] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 401.761065][T18706] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 401.765777][T18706] usb 10-1: Product: syz [ 401.768136][T18706] usb 10-1: Manufacturer: syz [ 401.770327][T18706] usb 10-1: SerialNumber: syz [ 401.781188][T18706] usb 10-1: config 0 descriptor?? [ 401.786567][T18706] hub 10-1:0.0: bad descriptor, ignoring hub [ 401.789028][T18706] hub 10-1:0.0: probe with driver hub failed with error -5 [ 401.793995][T18706] usb 10-1: selecting invalid altsetting 0 [ 401.977892][ T2903] syz.6.8434 (2903): drop_caches: 1 [ 402.002400][ T2903] syz.6.8434 (2903): drop_caches: 1 [ 402.016978][ T2912] syz.6.8434 (2912): drop_caches: 1 [ 402.440113][ T39] usb 10-1: USB disconnect, device number 21 [ 402.594497][ T39] usb 10-1: new full-speed USB device number 22 using dummy_hcd [ 402.747195][ T39] usb 10-1: config index 0 descriptor too short (expected 39, got 27) [ 402.750595][ T39] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 402.755009][ T39] usb 10-1: config 0 interface 0 has no altsetting 0 [ 402.762048][ T39] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 402.766091][ T39] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 402.772399][ T39] usb 10-1: Product: syz [ 402.774540][ T39] usb 10-1: Manufacturer: syz [ 402.779048][ T39] usb 10-1: SerialNumber: syz [ 402.786592][ T39] usb 10-1: config 0 descriptor?? [ 402.790279][ T39] hub 10-1:0.0: bad descriptor, ignoring hub [ 402.793043][ T39] hub 10-1:0.0: probe with driver hub failed with error -5 [ 402.797975][ T39] usb 10-1: selecting invalid altsetting 0 [ 402.853611][ T3017] netlink: 'syz.1.8451': attribute type 4 has an invalid length. [ 403.104863][T19086] usb 10-1: USB disconnect, device number 22 [ 403.530793][ T3092] Context (ID=0x0) not attached to queue pair (handle=0x2:0x0) [ 403.762142][ T3129] netlink: 4768 bytes leftover after parsing attributes in process `syz.6.8478'. [ 403.775153][ T39] e1000 0000:00:06.0 eth0: Reset adapter [ 405.955414][ T6021] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 414.405815][ T3190] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8487'. [ 414.408976][ T3190] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8487'. [ 414.418950][ T3190] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8487'. [ 414.421997][ T3190] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8487'. [ 414.464667][ T3185] block nbd3: server does not support multiple connections per device. [ 414.471537][ T3185] block nbd3: shutting down sockets [ 414.548992][ T3208] [ 414.549893][ T3208] ====================================================== [ 414.552250][ T3208] WARNING: possible circular locking dependency detected [ 414.554556][ T3208] syzkaller #0 Tainted: G L [ 414.556638][ T3208] ------------------------------------------------------ [ 414.558948][ T3208] syz.6.8493/3208 is trying to acquire lock: [ 414.560973][ T3208] ffffffff8e9b0700 (fs_reclaim){+.+.}-{0:0}, at: __kmalloc_node_track_caller_noprof+0xb5/0x850 [ 414.564348][ T3208] [ 414.564348][ T3208] but task is already holding lock: [ 414.566729][ T3208] ffffffff8e97e080 (slab_mutex){+.+.}-{4:4}, at: __kmem_cache_create_args+0x44/0x420 [ 414.569855][ T3208] [ 414.569855][ T3208] which lock already depends on the new lock. [ 414.569855][ T3208] [ 414.573404][ T3208] [ 414.573404][ T3208] the existing dependency chain (in reverse order) is: [ 414.576354][ T3208] [ 414.576354][ T3208] -> #8 (slab_mutex){+.+.}-{4:4}: [ 414.579502][ T3208] __mutex_lock+0x1a4/0x1b10 [ 414.581284][ T3208] kmem_cache_destroy+0x59/0x180 [ 414.583100][ T3208] p9_client_destroy+0x20c/0x3a0 [ 414.584913][ T3208] v9fs_session_close+0x49/0x2d0 [ 414.586876][ T3208] v9fs_kill_super+0x4d/0xa0 [ 414.588566][ T3208] deactivate_locked_super+0xc1/0x1b0 [ 414.590081][ T3216] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8496'. [ 414.590510][ T3208] deactivate_super+0xe7/0x110 [ 414.590522][ T3208] cleanup_mnt+0x21f/0x450 [ 414.590532][ T3208] task_work_run+0x150/0x240 [ 414.590542][ T3208] exit_to_user_mode_loop+0x100/0x4a0 [ 414.602444][ T3208] __do_fast_syscall_32+0x608/0x950 [ 414.604921][ T3208] do_fast_syscall_32+0x32/0x70 [ 414.606922][ T3208] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 414.609232][ T3208] [ 414.609232][ T3208] -> #7 (cpu_hotplug_lock){++++}-{0:0}: [ 414.611743][ T3208] cpus_read_lock+0x42/0x170 [ 414.613504][ T3208] static_key_slow_inc+0x12/0x30 [ 414.615609][ T3208] tcp_md5_do_add+0x296/0x430 [ 414.617881][ T3208] tcp_v6_parse_md5_keys+0x264/0x860 [ 414.620107][ T3208] do_tcp_setsockopt+0x1a6f/0x2b40 [ 414.622037][ T3208] tcp_setsockopt+0xe2/0x100 [ 414.623709][ T3208] do_sock_setsockopt+0xf3/0x1d0 [ 414.625451][ T3208] __sys_setsockopt+0x119/0x190 [ 414.627310][ T3208] __ia32_sys_setsockopt+0xbc/0x160 [ 414.629222][ T3208] __do_fast_syscall_32+0xe7/0x950 [ 414.631026][ T3208] do_fast_syscall_32+0x32/0x70 [ 414.632788][ T3208] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 414.634943][ T3208] [ 414.634943][ T3208] -> #6 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 414.637612][ T3208] lock_sock_nested+0x41/0xf0 [ 414.639304][ T3208] inet_shutdown+0x67/0x410 [ 414.640929][ T3208] nbd_mark_nsock_dead+0xae/0x5c0 [ 414.642815][ T3208] sock_shutdown+0x16b/0x200 [ 414.644472][ T3208] nbd_config_put+0x1eb/0x750 [ 414.646128][ T3208] nbd_genl_connect+0xaf8/0x1a40 [ 414.647955][ T3208] genl_family_rcv_msg_doit+0x214/0x300 [ 414.649904][ T3208] genl_rcv_msg+0x560/0x800 [ 414.651527][ T3208] netlink_rcv_skb+0x159/0x420 [ 414.653261][ T3208] genl_rcv+0x28/0x40 [ 414.654711][ T3208] netlink_unicast+0x585/0x850 [ 414.656465][ T3208] netlink_sendmsg+0x8b0/0xda0 [ 414.658266][ T3208] ____sys_sendmsg+0x9e1/0xb70 [ 414.659960][ T3208] ___sys_sendmsg+0x190/0x1e0 [ 414.661631][ T3208] __sys_sendmsg+0x170/0x220 [ 414.663299][ T3208] __do_fast_syscall_32+0xe7/0x950 [ 414.665096][ T3208] do_fast_syscall_32+0x32/0x70 [ 414.666824][ T3208] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 414.669054][ T3208] [ 414.669054][ T3208] -> #5 (&nsock->tx_lock){+.+.}-{4:4}: [ 414.671519][ T3208] __mutex_lock+0x1a4/0x1b10 [ 414.673207][ T3208] nbd_queue_rq+0x428/0x1080 [ 414.674918][ T3208] blk_mq_dispatch_rq_list+0x422/0x1e70 [ 414.677059][ T3208] __blk_mq_sched_dispatch_requests+0xcea/0x1620 [ 414.679286][ T3208] blk_mq_sched_dispatch_requests+0xd7/0x1c0 [ 414.681357][ T3208] blk_mq_run_hw_queue+0x23c/0x670 [ 414.683175][ T3208] blk_mq_dispatch_list+0x51d/0x1360 [ 414.685033][ T3208] blk_mq_flush_plug_list+0x130/0x600 [ 414.686962][ T3208] __blk_flush_plug+0x2c4/0x4b0 [ 414.688788][ T3208] __submit_bio+0x584/0x6c0 [ 414.690417][ T3208] submit_bio_noacct_nocheck+0x543/0xbf0 [ 414.692430][ T3208] submit_bio_noacct+0xd18/0x2000 [ 414.694214][ T3208] submit_bh_wbc+0x681/0x890 [ 414.695866][ T3208] block_read_full_folio+0x4c8/0x8e0 [ 414.697853][ T3208] filemap_read_folio+0xfc/0x3b0 [ 414.699695][ T3208] do_read_cache_folio+0x2d7/0x6b0 [ 414.701489][ T3208] read_part_sector+0xd1/0x370 [ 414.703232][ T3208] adfspart_check_ICS+0x91/0x7d0 [ 414.704989][ T3208] bdev_disk_changed+0x7a3/0x1250 [ 414.706764][ T3208] blkdev_get_whole+0x187/0x290 [ 414.708677][ T3208] bdev_open+0x2c7/0xe40 [ 414.710216][ T3208] blkdev_open+0x34e/0x4f0 [ 414.711819][ T3208] do_dentry_open+0x6d8/0x1660 [ 414.713541][ T3208] vfs_open+0x82/0x3f0 [ 414.715030][ T3208] path_openat+0x208c/0x31a0 [ 414.716718][ T3208] do_file_open+0x20e/0x430 [ 414.718860][ T3208] do_sys_openat2+0x10d/0x1e0 [ 414.721148][ T3208] __x64_sys_openat+0x12d/0x210 [ 414.723469][ T3208] do_syscall_64+0x10b/0xf80 [ 414.725652][ T3208] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 414.728377][ T3208] [ 414.728377][ T3208] -> #4 (&cmd->lock){+.+.}-{4:4}: [ 414.731446][ T3208] __mutex_lock+0x1a4/0x1b10 [ 414.733664][ T3208] nbd_queue_rq+0xba/0x1080 [ 414.735857][ T3208] blk_mq_dispatch_rq_list+0x422/0x1e70 [ 414.738407][ T3208] __blk_mq_sched_dispatch_requests+0xcea/0x1620 [ 414.741315][ T3208] blk_mq_sched_dispatch_requests+0xd7/0x1c0 [ 414.744113][ T3208] blk_mq_run_hw_queue+0x23c/0x670 [ 414.746517][ T3208] blk_mq_dispatch_list+0x51d/0x1360 [ 414.749038][ T3208] blk_mq_flush_plug_list+0x130/0x600 [ 414.751587][ T3208] __blk_flush_plug+0x2c4/0x4b0 [ 414.753940][ T3208] __submit_bio+0x584/0x6c0 [ 414.756136][ T3208] submit_bio_noacct_nocheck+0x543/0xbf0 [ 414.758746][ T3208] submit_bio_noacct+0xd18/0x2000 [ 414.761147][ T3208] submit_bh_wbc+0x681/0x890 [ 414.763337][ T3208] block_read_full_folio+0x4c8/0x8e0 [ 414.765822][ T3208] filemap_read_folio+0xfc/0x3b0 [ 414.768133][ T3208] do_read_cache_folio+0x2d7/0x6b0 [ 414.770479][ T3208] read_part_sector+0xd1/0x370 [ 414.772647][ T3208] adfspart_check_ICS+0x91/0x7d0 [ 414.774924][ T3208] bdev_disk_changed+0x7a3/0x1250 [ 414.777290][ T3208] blkdev_get_whole+0x187/0x290 [ 414.779590][ T3208] bdev_open+0x2c7/0xe40 [ 414.781207][ T3208] blkdev_open+0x34e/0x4f0 [ 414.783055][ T3208] do_dentry_open+0x6d8/0x1660 [ 414.785290][ T3208] vfs_open+0x82/0x3f0 [ 414.787255][ T3208] path_openat+0x208c/0x31a0 [ 414.789402][ T3208] do_file_open+0x20e/0x430 [ 414.791410][ T3208] do_sys_openat2+0x10d/0x1e0 [ 414.793441][ T3208] __x64_sys_openat+0x12d/0x210 [ 414.795629][ T3208] do_syscall_64+0x10b/0xf80 [ 414.797385][ T3208] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 414.799407][ T3208] [ 414.799407][ T3208] -> #3 (set->srcu){.+.+}-{0:0}: [ 414.801592][ T3208] __synchronize_srcu+0xa2/0x300 [ 414.803267][ T3208] blk_mq_quiesce_queue+0x149/0x1c0 [ 414.805045][ T3208] elevator_switch+0x17b/0x7e0 [ 414.806717][ T3208] elevator_change+0x352/0x530 [ 414.808500][ T3208] elevator_set_default+0x29e/0x360 [ 414.810232][ T3208] blk_register_queue+0x48e/0x630 [ 414.811951][ T3208] __add_disk+0x73f/0xe40 [ 414.813470][ T3208] add_disk_fwnode+0x118/0x5c0 [ 414.815091][ T3208] nbd_dev_add+0x77a/0xb10 [ 414.816784][ T3208] nbd_init+0x291/0x2b0 [ 414.818563][ T3208] do_one_initcall+0x121/0x750 [ 414.820154][ T3208] kernel_init_freeable+0x6ea/0x7b0 [ 414.822032][ T3208] kernel_init+0x1f/0x1e0 [ 414.823550][ T3208] ret_from_fork+0x72b/0xd50 [ 414.825146][ T3208] ret_from_fork_asm+0x1a/0x30 [ 414.826845][ T3208] [ 414.826845][ T3208] -> #2 (&q->elevator_lock){+.+.}-{4:4}: [ 414.829236][ T3208] __mutex_lock+0x1a4/0x1b10 [ 414.830814][ T3208] elevator_change+0x1bc/0x530 [ 414.832457][ T3208] elevator_set_none+0x92/0xf0 [ 414.834068][ T3208] blk_mq_update_nr_hw_queues+0x4c1/0x15f0 [ 414.836094][ T3208] nbd_start_device+0x1a6/0xbd0 [ 414.837761][ T3208] nbd_genl_connect+0xff2/0x1a40 [ 414.839390][ T3208] genl_family_rcv_msg_doit+0x214/0x300 [ 414.841251][ T3208] genl_rcv_msg+0x560/0x800 [ 414.842786][ T3208] netlink_rcv_skb+0x159/0x420 [ 414.844437][ T3208] genl_rcv+0x28/0x40 [ 414.845990][ T3208] netlink_unicast+0x585/0x850 [ 414.847925][ T3208] netlink_sendmsg+0x8b0/0xda0 [ 414.849567][ T3208] ____sys_sendmsg+0x9e1/0xb70 [ 414.851163][ T3208] ___sys_sendmsg+0x190/0x1e0 [ 414.852851][ T3208] __sys_sendmsg+0x170/0x220 [ 414.854712][ T3208] __do_fast_syscall_32+0xe7/0x950 [ 414.856697][ T3208] do_fast_syscall_32+0x32/0x70 [ 414.858389][ T3208] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 414.860469][ T3208] [ 414.860469][ T3208] -> #1 (&q->q_usage_counter(io)#51){++++}-{0:0}: [ 414.863107][ T3208] blk_alloc_queue+0x610/0x790 [ 414.864745][ T3208] blk_mq_alloc_queue+0x174/0x290 [ 414.866521][ T3208] __blk_mq_alloc_disk+0x29/0x120 [ 414.868285][ T3208] nbd_dev_add+0x492/0xb10 [ 414.869834][ T3208] nbd_init+0x291/0x2b0 [ 414.871317][ T3208] do_one_initcall+0x121/0x750 [ 414.872931][ T3208] kernel_init_freeable+0x6ea/0x7b0 [ 414.874694][ T3208] kernel_init+0x1f/0x1e0 [ 414.876269][ T3208] ret_from_fork+0x72b/0xd50 [ 414.877857][ T3208] ret_from_fork_asm+0x1a/0x30 [ 414.879489][ T3208] [ 414.879489][ T3208] -> #0 (fs_reclaim){+.+.}-{0:0}: [ 414.881717][ T3208] __lock_acquire+0x14b8/0x2630 [ 414.883368][ T3208] lock_acquire+0x1b1/0x370 [ 414.884926][ T3208] fs_reclaim_acquire+0xc4/0x100 [ 414.886630][ T3208] __kmalloc_node_track_caller_noprof+0xb5/0x850 [ 414.888675][ T3208] kstrdup+0x51/0xe0 [ 414.890049][ T3208] kstrdup_const+0x63/0x80 [ 414.891603][ T3208] __kmem_cache_create_args+0x118/0x420 [ 414.893477][ T3208] bioset_init+0x5ee/0x8a0 [ 414.895001][ T3208] mddev_init+0x17c/0x820 [ 414.896533][ T3208] md_alloc+0xc7/0x10a0 [ 414.898035][ T3208] md_probe+0x73/0xf0 [ 414.899465][ T3208] blk_probe_dev+0x149/0x1e0 [ 414.901090][ T3208] blk_request_module+0x16/0xc0 [ 414.902734][ T3208] blkdev_get_no_open+0x9b/0xf0 [ 414.904399][ T3208] bdev_file_open_by_dev+0x70/0x210 [ 414.906207][ T3208] swsusp_check+0x72/0x470 [ 414.907774][ T3208] software_resume+0x6f/0x330 [ 414.909379][ T3208] resume_store+0x248/0x460 [ 414.910947][ T3208] kobj_attr_store+0x58/0x80 [ 414.912557][ T3208] sysfs_kf_write+0xf2/0x150 [ 414.914168][ T3208] kernfs_fop_write_iter+0x3e0/0x5f0 [ 414.916024][ T3208] vfs_write+0x6ac/0x1070 [ 414.917549][ T3208] ksys_write+0x12a/0x250 [ 414.919086][ T3208] __do_fast_syscall_32+0xe7/0x950 [ 414.920867][ T3208] do_fast_syscall_32+0x32/0x70 [ 414.922538][ T3208] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 414.924662][ T3208] [ 414.924662][ T3208] other info that might help us debug this: [ 414.924662][ T3208] [ 414.927787][ T3208] Chain exists of: [ 414.927787][ T3208] fs_reclaim --> cpu_hotplug_lock --> slab_mutex [ 414.927787][ T3208] [ 414.931506][ T3208] Possible unsafe locking scenario: [ 414.931506][ T3208] [ 414.933790][ T3208] CPU0 CPU1 [ 414.935453][ T3208] ---- ---- [ 414.937149][ T3208] lock(slab_mutex); [ 414.938412][ T3208] lock(cpu_hotplug_lock); [ 414.940522][ T3208] lock(slab_mutex); [ 414.942507][ T3208] lock(fs_reclaim); [ 414.943766][ T3208] [ 414.943766][ T3208] *** DEADLOCK *** [ 414.943766][ T3208] [ 414.946258][ T3208] 9 locks held by syz.6.8493/3208: [ 414.947827][ T3208] #0: ffff88801319b970 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2aa/0x380 [ 414.950607][ T3208] #1: ffff88802b098410 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 414.953363][ T3208] #2: ffff88800045e480 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 414.956553][ T3208] #3: ffff88801cf170f8 (kn->active#74){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 414.959739][ T3208] #4: ffffffff8e6a1ec0 (system_transition_mutex){+.+.}-{4:4}, at: software_resume+0x65/0x330 [ 414.962849][ T3208] #5: ffffffff8f311aa0 (major_names_lock){+.+.}-{4:4}, at: blk_probe_dev+0x28/0x1e0 [ 414.965815][ T3208] #6: ffffffff9015ed40 (disks_mutex){+.+.}-{4:4}, at: md_alloc+0x3e/0x10a0 [ 414.968660][ T3208] #7: ffffffff8f2f8980 (bio_slab_lock){+.+.}-{4:4}, at: bioset_init+0x2ad/0x8a0 [ 414.971488][ T3208] #8: ffffffff8e97e080 (slab_mutex){+.+.}-{4:4}, at: __kmem_cache_create_args+0x44/0x420 [ 414.974503][ T3208] [ 414.974503][ T3208] stack backtrace: [ 414.976380][ T3208] CPU: 2 UID: 0 PID: 3208 Comm: syz.6.8493 Tainted: G L syzkaller #0 PREEMPT(full) [ 414.976397][ T3208] Tainted: [L]=SOFTLOCKUP [ 414.976401][ T3208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 414.976471][ T3208] Call Trace: [ 414.976477][ T3208] [ 414.976482][ T3208] dump_stack_lvl+0x100/0x190 [ 414.976495][ T3208] print_circular_bug.cold+0x178/0x1c7 [ 414.976514][ T3208] check_noncircular+0x146/0x160 [ 414.976531][ T3208] ? __schedule+0x10fb/0x6820 [ 414.976544][ T3208] __lock_acquire+0x14b8/0x2630 [ 414.976563][ T3208] lock_acquire+0x1b1/0x370 [ 414.976579][ T3208] ? __kmalloc_node_track_caller_noprof+0xb5/0x850 [ 414.976598][ T3208] ? lockdep_hardirqs_on+0x78/0x100 [ 414.976611][ T3208] ? irqentry_exit+0x246/0x790 [ 414.976624][ T3208] fs_reclaim_acquire+0xc4/0x100 [ 414.976637][ T3208] ? __kmalloc_node_track_caller_noprof+0xb5/0x850 [ 414.976655][ T3208] __kmalloc_node_track_caller_noprof+0xb5/0x850 [ 414.976673][ T3208] ? kstrdup_const+0x63/0x80 [ 414.976684][ T3208] kstrdup+0x51/0xe0 [ 414.976695][ T3208] kstrdup_const+0x63/0x80 [ 414.976705][ T3208] __kmem_cache_create_args+0x118/0x420 [ 414.976722][ T3208] bioset_init+0x5ee/0x8a0 [ 414.976735][ T3208] ? __pfx_bioset_init+0x10/0x10 [ 414.976748][ T3208] ? kasan_save_track+0x14/0x30 [ 414.976758][ T3208] ? __kasan_kmalloc+0xaa/0xb0 [ 414.976775][ T3208] ? percpu_ref_init+0x244/0x3f0 [ 414.976855][ T3208] mddev_init+0x17c/0x820 [ 414.976871][ T3208] md_alloc+0xc7/0x10a0 [ 414.976882][ T3208] md_probe+0x73/0xf0 [ 414.976891][ T3208] ? __pfx_md_probe+0x10/0x10 [ 414.976900][ T3208] blk_probe_dev+0x149/0x1e0 [ 414.976912][ T3208] blk_request_module+0x16/0xc0 [ 414.976925][ T3208] blkdev_get_no_open+0x9b/0xf0 [ 414.976942][ T3208] bdev_file_open_by_dev+0x70/0x210 [ 414.976960][ T3208] swsusp_check+0x72/0x470 [ 414.976976][ T3208] software_resume+0x6f/0x330 [ 414.976988][ T3208] resume_store+0x248/0x460 [ 414.977000][ T3208] ? __pfx_resume_store+0x10/0x10 [ 414.977013][ T3208] ? find_held_lock+0x2b/0x80 [ 414.977026][ T3208] ? sysfs_file_kobj+0xe4/0x290 [ 414.977043][ T3208] ? sysfs_file_kobj+0xe4/0x290 [ 414.977058][ T3208] ? __pfx_resume_store+0x10/0x10 [ 414.977070][ T3208] kobj_attr_store+0x58/0x80 [ 414.977084][ T3208] ? __pfx_kobj_attr_store+0x10/0x10 [ 414.977098][ T3208] sysfs_kf_write+0xf2/0x150 [ 414.977114][ T3208] kernfs_fop_write_iter+0x3e0/0x5f0 [ 414.977128][ T3208] ? __pfx_sysfs_kf_write+0x10/0x10 [ 414.977145][ T3208] vfs_write+0x6ac/0x1070 [ 414.977156][ T3208] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 414.977171][ T3208] ? __pfx_vfs_write+0x10/0x10 [ 414.977182][ T3208] ? find_held_lock+0x2b/0x80 [ 414.977198][ T3208] ksys_write+0x12a/0x250 [ 414.977209][ T3208] ? __pfx_ksys_write+0x10/0x10 [ 414.977221][ T3208] ? rcu_is_watching+0x12/0xc0 [ 414.977234][ T3208] __do_fast_syscall_32+0xe7/0x950 [ 414.977248][ T3208] ? lockdep_hardirqs_on+0x78/0x100 [ 414.977260][ T3208] do_fast_syscall_32+0x32/0x70 [ 414.977273][ T3208] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 414.977288][ T3208] RIP: 0023:0xf70aefcc [ 414.977301][ T3208] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 414.977313][ T3208] RSP: 002b:00000000f549d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 414.977324][ T3208] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040 [ 414.977332][ T3208] RDX: 0000000000000012 RSI: 0000000000000000 RDI: 0000000000000000 [ 414.977338][ T3208] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 414.977344][ T3208] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 414.977351][ T3208] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 414.977360][ T3208] [ 415.100781][ T3208] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 415.103812][ T3208] block device autoloading is deprecated and will be removed. [ 415.107362][ T3208] PM: Image not found (code -5) SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 416.455232][ T46] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 416.696185][ T46] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 416.945351][ T46] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 417.145209][ T46] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 417.814586][ T46] dummy0: left allmulticast mode [ 417.816374][ T46] bridge0: port 3(dummy0) entered disabled state [ 417.894760][ T46] bridge_slave_1: left promiscuous mode [ 417.896737][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 417.984736][ T46] bridge_slave_0: left allmulticast mode [ 417.986808][ T46] bridge_slave_0: left promiscuous mode [ 417.988674][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 418.764840][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 418.844882][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 418.865332][ T46] bond0 (unregistering): Released all slaves [ 418.905284][ T5666] 8021q: adding VLAN 0 to HW filter on device eth18 [ 419.002272][ T5666] 8021q: adding VLAN 0 to HW filter on device eth19 [ 419.097346][ T5666] 8021q: adding VLAN 0 to HW filter on device eth20 [ 419.347168][ T5666] 8021q: adding VLAN 0 to HW filter on device eth21 [ 420.404589][ T46] hsr_slave_0: left promiscuous mode [ 420.454599][ T46] hsr_slave_1: left promiscuous mode [ 420.457866][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 420.461102][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 420.494929][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 420.497675][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 420.604847][ T46] veth1_macvtap: left promiscuous mode [ 420.606725][ T46] veth0_macvtap: left promiscuous mode [ 420.608523][ T46] veth1_vlan: left promiscuous mode [ 420.610205][ T46] veth0_vlan: left promiscuous mode [ 421.215406][ T46] team0 (unregistering): Port device team_slave_1 removed [ 421.244849][ T46] team0 (unregistering): Port device team_slave_0 removed